CVE advisoryMEDIUM
CVE-2026-39892
Python cryptography Buffer Overflow Vulnerability
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
The `cryptography` package is affected by a buffer overflow vulnerability when non-contiguous buffers are passed to specific APIs. If this is reachable, it could potentially lead to memory corruption. Developers should be aware of this issue when using the package.