CVE-2026-3441

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.1 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L                                    

Vulnerability Description

A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this flaw, potentially leading to information disclosure or an application level denial of service.

Vulnerability Details

Published Date

March 16, 2026

Last Modified

March 20, 2026

CWE ID

CWE-125

Source

NVD

Vendor

gnu

Product

binutils

External References

https://access.redhat.com/security/cve/CVE-2026-3441
https://bugzilla.redhat.com/show_bug.cgi?id=2443826

CVE-2026-3441

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment