cvedb.io
CVE-2026-3442
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2026-03-16T14:19:47.720 · Last modified 2026-06-30T15:16:56.070

Summary

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may lead to the disclosure of sensitive information or cause the application to crash, resulting in an application level denial of service.

Affected products

gnu — binutils

Does this affect you?

Add your gear to cvedb and we'll alert you only when gnu ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.