VDB

TNCVE-2026-39892

TNCVE-2026-39892 PUBLISHED

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers (e.g. Hash.update()), this could lead to buffer overflows. This vulnerability is fixed in 46.0.7.

Timeline

  • Apr 8, 2026 CVE Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›