CVE-2026-39892
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a n
CVSS
9.8
Critical
EPSS
0.7%
p47
KEV
—
Exploit Today
14
0-100
Published: Apr 8, 2026 · Last modified: Jul 17, 2026 · CWE-119 · CWE-131
0.7%EPSS · 30 days0.7%
2026-06-302026-07-17
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers (e.g. Hash.update()), this could lead to buffer overflows. This vulnerability is fixed in 46.0.7.
- github.comhttps://github.com/pyca/cryptography/security/advisories/GHSA-p423-j2cm-9vmq
- www.openwall.comhttp://www.openwall.com/lists/oss-security/2026/04/08/12
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:19375
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:20338
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21017
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:22465
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:22629
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:22840
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:23361
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:24483
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:24761
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:24762
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:24853
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:24866
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:24977
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:30088
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:30089
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:37275
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:7295
- access.redhat.comhttps://access.redhat.com/security/cve/CVE-2026-39892
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2025-312778.8 HIG71.0%
KEV—71Apple Multiple Products Buffer Overflow Vulnerability3dCVE-2026-429458.1 HIG99.1%
——30NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond its control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.3dCVE-2005-445910.0 NO 96.2%
——29Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.10dCVE-2011-40454.3 NO 88.5%
——27Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to cause a denial of service via a crafted HTML document.8dCVE-2026-420558.1 HIG88.0%
——26NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_proxy_v2_module and ngx_http_grpc_module modules. This vulnerability exists when the proxy_http_version to 2 or grpc_pass directives are used to proxy HTTP/2 traffic, the ignore_invalid_headers directive is set to off, and the large_client_header_buffers directive size is larger than 2 megabytes. A remote, unauthenticated attacker, along with conditions beyond their control, could send large headers while creating an upstream request. This may cause a heap-based buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.3dCVE-2026-444208.8 HIG87.7%
——26FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel by sending a CB_CLIP_CAPS PDU with a too-small capabilitySetLength. This can crash the server process (remote DoS) and may be exploitable for code execution because it corrupts heap memory. This vulnerability is fixed in 3.26.0.3d