EUVD-2026-23943

AWS Encryption SDK for Python: Key commitment policy bypass via shared key cache...

CVE-2026-6550

Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version 4.0.5 might allow an authenticated local threat actor to bypass key commitment policy enforcement via a shared key cache, resulting in ciphertext that can be...

PT-2026-33829

Name of the Vulnerable Software and Affected Versions Amazon AWS Encryption SDK for Python versions prior to 3.3.1 Amazon AWS Encryption SDK for Python versions prior to 4.0.5 Description A cryptographic algorithm downgrade in the caching layer may allow an authenticated local threat actor to...

PUB-A-308405635

In TBD of TBD, there is a possible cryptographic downgrade attack due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

OpenSSL RSA Temporary Key Cryptographic Downgrade Vulnerability

A vulnerability in OpenSSL could allow an unauthenticated, remote attacker to bypass security restrictions. The vulnerability is due to improper handling of an RSA temporary key. An attacker with a privileged network position could exploit the vulnerability by returning a weak temporary RSA key t...