CVE lookup
CVE-2026-26007
Pruva has a verified reproduction for CVE-2026-26007: pyca/cryptography SECT curve public key parsing lacks subgroup validation, enabling small-subgroup attacks that leak ECDH private key bits and allow ECDSA signature forgery.. The canonical evidence record is REPRO-2026-00089.
REPRO
REPRO-2026-00089
Package
Unknown
Severity
HIGH
Status
published