This article reports two critical vulnerabilities discovered in GNU gzip, identified as CVE-2026-41991 and CVE-2026-41992. The first (CVE-2026-41991) allows local attackers to overwrite files through a symlink attack on gzexe, which is possible because gzexe uses predictable temporary filenames. The second (CVE-2026-41992) triggers an out-of-bounds read in the decompression code. Both vulnerabilities affect all versions up to 1.14 and have a medium to high severity rating. Patching is advised because gzip is widely used across Linux and Unix systems. There are currently no confirmed exploits.
Gzip CVE-2026-41991/2 let attackers overwrite files
Article by CyberSIXT
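
The bug class behind CVE-2026-41991 as described above (a predictable temporary filename that is written through a pre-existing symlink), shown beside two hardened patterns. This is an added illustration, not gzexe's code and not the upstream fix; the function names, the `gzdemo` prefix and the tag `1234` are constructed for the demo, which runs entirely inside a private scratch directory.

```shell
# Weak pattern: the temp name is built from a guessable value, and '>'
# follows a symlink that already exists at that path.
write_predictable() {
    dir=$1; tag=$2; data=$3
    tmp="$dir/gzdemo.$tag"          # guessable name (tag stands in for a PID)
    printf '%s\n' "$data" > "$tmp"  # opens through any existing symlink
    printf '%s\n' "$tmp"
}

# Hardened pattern: mktemp picks an unpredictable name and creates the file
# exclusively, so an existing entry at the path is never reused.
write_hardened() {
    dir=$1; data=$2
    tmp=$(mktemp "$dir/gzdemo.XXXXXXXXXX") || return 1
    printf '%s\n' "$data" > "$tmp"
    printf '%s\n' "$tmp"
}

# Fallback when the name must stay fixed: noclobber (set -C) makes '>'
# refuse to write if anything already exists at the path.
write_noclobber() {
    dir=$1; tag=$2; data=$3
    tmp="$dir/gzdemo.$tag"
    ( set -C; printf '%s\n' "$data" > "$tmp" ) 2>/dev/null || return 1
    printf '%s\n' "$tmp"
}

# Demo: a link is pre-planted at the guessable name, pointing at a file
# that stands in for a user's data. Prints weak-result|noclobber-rc|safe-result.
demo() {
    scratch=$(mktemp -d) || return 1
    printf 'important\n' > "$scratch/victim"
    ln -s "$scratch/victim" "$scratch/gzdemo.1234"
    write_predictable "$scratch" 1234 scratch-data >/dev/null
    after_weak=$(cat "$scratch/victim")      # victim content was replaced
    printf 'important\n' > "$scratch/victim" # restore for the safe runs
    if write_noclobber "$scratch" 1234 scratch-data >/dev/null
    then rc=0; else rc=1; fi                 # refused: path already exists
    write_hardened "$scratch" scratch-data >/dev/null
    after_safe=$(cat "$scratch/victim")      # victim untouched
    rm -rf "$scratch"
    printf '%s|%s|%s\n' "$after_weak" "$rc" "$after_safe"
}
```

Calling `demo` shows the weak writer replacing the linked file's content, while the noclobber writer fails closed and the `mktemp` writer leaves the linked file alone.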