VDB
CVE-2026-27459
CVE-2026-27459
PUBLISHED
CVSS 7.400000095367432 HIGH
pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to `set_cookie_generate_callback` returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Starting in version 26.0.0, cookie values that are too long are now rejected.
EPSS 0.03% · 8.1th percentile
Risk Scores
CVSS 3.1
7.400000095367432
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.03%
8.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| pyopenssl | pyopenssl | 22.0.0 |
| PyPI | pyopenssl | 22.0.0 |
| libexif_project | libexif | |
| libexif project | libexif | 0 |
| linux | linux_kernel | 2.6.24, 2.6.24, 2.6.24 |
| Linux | Linux | 6.1.165, 6.12.75, 6.18.14 |
Timeline
- Mar 16, 2026 CVE Published
- Mar 17, 2026 Security Advisory
- Mar 18, 2026 EPSS Score
- Mar 19, 2026 CVE Updated
- Mar 19, 2026 PoC Published
- Mar 19, 2026 EPSS Score
- Mar 19, 2026 PoC Published
- Mar 20, 2026 EPSS Score
- Mar 21, 2026 EPSS Score
- Mar 22, 2026 EPSS Score
- Mar 23, 2026 EPSS Score
- Mar 24, 2026 EPSS Score
References
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27448 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-71265 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23243 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27135 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23241 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-71267 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23266 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23259 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23267 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23248 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23233 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-71239 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32775 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-71266 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27459 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23242 advisory
- https://git.kernel.org/stable/c/1371ef6b1ecf3676b8942f5dfb3634fb0648128e url
- https://git.kernel.org/stable/c/362e45fd9069ffa1523f9f1633b606ebf72060d7 url
- https://git.kernel.org/stable/c/6eb2919474ca105c5b13d19574e25f0ddcf19ca2 url
- https://git.kernel.org/stable/c/a6a3e4af10993cb9e4b8f0548680aba0ab5f3b0d url
…and 26 more