All 6 CVE vulnerabilities found in cryptography, with AI-generated Chinese analysis, references, and POCs.
Vendor: pyca
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-39892 | cryptography has a buffer overflow if non-contiguous buffers were passed to APIs CWE-119 | 8.1AI | HighAI | 2026-04-08 |
| CVE-2026-34073 | cryptography has incomplete DNS name constraint enforcement on peer names CWE-295 | 9.1AI | CriticalAI | 2026-03-31 |
| CVE-2026-26007 | cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves CWE-345 | 6.5 | - | 2026-02-10 |
| CVE-2024-26130 | cryptography NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override CWE-476 | 7.5 | High | 2024-02-21 |
| CVE-2023-49083 | cryptography vulnerable to NULL-dereference when loading PKCS7 certificates CWE-476 | 5.9 | Medium | 2023-11-29 |
| CVE-2023-23931 | Cipher.update_into can corrupt memory in pyca cryptography CWE-754 | 4.8 | Medium | 2023-02-07 |
All 6 known CVE vulnerabilities affecting cryptography with full Chinese analysis, references, and POCs where available.