CVE-2026-27459

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions pyOpenSSL versions 22.0.0 through 25.3.0

Description pyOpenSSL is a Python wrapper around the OpenSSL library. If a user-provided callback to the set cookie generate callback function returned a cookie value exceeding 256 bytes, pyOpenSSL would cause a buffer overflow in an OpenSSL-provided buffer. Starting with version 26.0.0, pyOpenSSL rejects cookie values that are too long, mitigating the issue. The set cookie generate callback function is used to generate cookies for use with DTLS (Datagram Transport Layer Security).

Recommendations pyOpenSSL versions 22.0.0 through 25.3.0 should be updated to version 26.0.0 or later.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2026-27459

ECHO-913B-6868-0495

GHSA-5PWR-322W-8JR4

MGASA-2026-0074

OESA-2026-1729

OESA-2026-1730

OESA-2026-1731

OESA-2026-1734

OPENSUSE-SU-2026:10392-1

OPENSUSE-SU-2026:20419-1

RHSA-2026:10754

RHSA-2026:13508

RHSA-2026:13512

RHSA-2026:14835

RHSA-2026:14873

RHSA-2026:14874

RHSA-2026:7224

SUSE-SU-2026:1192-1

SUSE-SU-2026:20930-1

SUSE-SU-2026:20954-1

SUSE-SU-2026:20960-1

USN-8115-1

Affected Products

Linuxmint

Openssl

Ubuntu

Pyopenssl

CVE-2026-27459

Weakness Enumeration

Related Identifiers

Affected Products

References · 51