Libgcrypt 1.9.0, a cryptographic library integrated in the GnuPG, has a ‘severe’ security vulnerability and should not be used. The vulnerability is a heap overflow due to an incorrect assumption in the block buffer management code. A fix for the bug will be released later today, but not a CVE-checker has not been released. Librecrypt is a general purpose cryptographic library used by some other encryption software, but some other software also uses it.
Source: https://www.helpnetsecurity.com/2021/01/29/libgcrypt-vulnerability/

