RHEL 9 : fence-agents (RHSA-2026:21431)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:21431 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...

Important: Red Hat Security Advisory: fence-agents security update

An update for fence-agents is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

fence-agents security update

An update is available for fence-agents. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fence-agents packages provide a collection of scripts for handling...

Oracle Linux 9 : fence-agents (ELSA-2026-13917)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-13917 advisory. - bundled pyasn1: fix CVE-2026-30922 Resolves: RHEL-157201 - bundled cryptography: replace with dependency to fix CVE-2026-26007 Tenable has extracted the...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses cryptography-46.0.3-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-26007

Summary IBM Maximo Application Suite - Visual Inspection component uses cryptography-46.0.3-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-26007 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-26007...

RHEL 9 : fence-agents (RHSA-2026:13672)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13672 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...

Security Bulletin: cryptography Missing Subgroup Validation in EC Public Keys Enables ECDH Key Leakage and ECDSA Forgery

Summary cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify th...

RHEL 8 : fence-agents (RHSA-2026:12176)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:12176 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...

Important: Red Hat Security Advisory: fence-agents security update

An update for fence-agents is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in cryptography-46.0.4-cp38-abi3-manylinux_2_34_x86_64.whl

Summary IBM Watson Discovery Cartridge affected by vulnerability in cryptography-46.0.4-cp38-abi3-manylinux234x8664.whl Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5,...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-26007)

Summary IBM Security SOAR uses an older version of the cryptography component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.2 Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION:...

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION: cryptography is a package...

Security Bulletin: IBM Edge Data Collector uses cryptography-44.0.1-cp39-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-26007.

Summary IBM Edge Data Collector uses cryptography-44.0.1-cp39-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-26007. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION: cryptography is a package designed to expose...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring and Dashboard operands are vulnerable to loss of confidentiality (CVE-2026-26007)

Summary Python module cryptography is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance and Dashboard operands that enable the App Connect Enterprise Agent are vulnerable to loss of...

Security Bulletin: IBM Cloud Pak for Data System (CPDS 2.0) - Insufficient Verification in cryptography package

Summary IBM Cloud Pak for Data System CPDS 2.0 uses the Python cryptography package version 3.3.2, which contains a critical vulnerability CVE-2026-26007 affecting elliptic curve cryptography operations. The package fails to verify that public key points belong to the expected prime-order subgrou...

oci-cli-3.76.2-1.1 on GA media (moderate)

oci-cli-3.76.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10539-1 Rating: moderate Cross-References: CVE-2024-37891 CVE-2024-47081 CVE-2025-47273 CVE-2025-50181 CVE-2025-66418 CVE-2026-21441 CVE-2026-26007 CVSS scores: CVE-2024-37891 SUSE : 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N...

OESA-2026-1672 python-cryptography security update

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Security Fixes: This vulnerability exists in the pyca cryptography library due to missing subgroup validation for SECT curves. An attacker could exploit this to perform subgroup attacks,...

SUSE-SU-2026:20706-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2026-26007: missing validation can lead to security issues for signature verification ECDSA and shared key negotiation ECDH bsc1258074...

BELL-CVE-2026-26007

Bulletin has no description...

CVE-2026-26007

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...