CVE-2026-27459 | pyca pyOpenSSL up to 25.x Cookie set_cookie_generate_callback buffer overflow (GHSA-5pwr-322w-8jr4)

Inserito da Angelo Barbosa | Mar 18, 2026 | CVE

A vulnerability marked as critical has been reported in pyca pyOpenSSL up to 25.x. This affects the function set_cookie_generate_callback of the component Cookie Handler. This manipulation causes buffer overflow.

This vulnerability is tracked as CVE-2026-27459. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-27459 | pyca pyOpenSSL up to 25.x Cookie set_cookie_generate_callback buffer overflow (GHSA-5pwr-322w-8jr4)

Post correlati

CVE-2025-27642 | Vasion Print Virtual Appliance Host up to 22.0.932 Driver Package improper authentication

CVE-2024-51138 | DrayTek Vigor LTE200 URL Parser stack-based overflow

CVE-2026-2578 | Mattermost up to 11.3.0 Burn-on-Read Message insertion of sensitive information into sent data

CVE-2025-7980 | Ashlar-Vellum Graphite VC6 File Parser out-of-bounds write