Skip to content

CVE lookup

CVE-2026-26007

Pruva has a verified reproduction for CVE-2026-26007: pyca/cryptography SECT curve public key parsing lacks subgroup validation, enabling small-subgroup attacks that leak ECDH private key bits and allow ECDSA signature forgery.. The canonical evidence record is REPRO-2026-00089.

REPRO

REPRO-2026-00089

Package

Unknown

Severity

HIGH

Status

published