Vendor
A critical stack-based buffer overflow vulnerability, CVE-2026-48863, has been identified in the PGP verification component of libsolv, allowing a remote attacker to trigger a denial of service by crafting a malicious Ed25519 PGP signature with mismatched MPI lengths, impacting automated package or repository processing workflows.