CVE-2026-27448 | pyca pyOpenSSL up to 0.14.0/26.0.0 set_tlsext_servername_callback access control (GHSA-vp96-hxj8-p424)

Inserito da Angelo Barbosa | Mar 18, 2026 | CVE

A vulnerability labeled as critical has been found in pyca pyOpenSSL up to 0.14.0/26.0.0. Affected by this issue is the function set_tlsext_servername_callback. The manipulation results in improper access controls.

This vulnerability is identified as CVE-2026-27448. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-27448 | pyca pyOpenSSL up to 0.14.0/26.0.0 set_tlsext_servername_callback access control (GHSA-vp96-hxj8-p424)

Post correlati

CVE-2024-54543 | Apple iOS/iPadOS Web memory corruption

CVE-2024-31445 | Cacti up to 1.2.26 api_automation.php automation_get_new_graphs_sql sql injection

CVE-2021-47623 | Linux Kernel up to 5.10.100/5.15.23/5.16.9 fixmap __set_fixmap information disclosure

CVE-2024-8089 | SourceCodester E-Commerce System 1.0 controller.php photo unrestricted upload