An update for python-cryptography is now available for openEuler-24.03-LTS Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-1669 Final 1.0 1.0 2026-03-20 Initial 2026-03-20 2026-03-20 openEuler SA Tool V1.0 2026-03-20 python-cryptography security update An update for python-cryptography is now available for openEuler-24.03-LTS cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Security Fix(es): This vulnerability exists in the pyca cryptography library due to missing subgroup validation for SECT curves. An attacker could exploit this to perform subgroup attacks, potentially leading to security bypass.(CVE-2026-26007) An update for python-cryptography is now available for openEuler-24.03-LTS. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High python-cryptography https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1669 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-26007 https://nvd.nist.gov/vuln/detail/CVE-2026-26007 openEuler-24.03-LTS python-cryptography-help-42.0.2-9.oe2403.noarch.rpm python-cryptography-42.0.2-9.oe2403.src.rpm python-cryptography-debuginfo-42.0.2-9.oe2403.aarch64.rpm python-cryptography-debugsource-42.0.2-9.oe2403.aarch64.rpm python3-cryptography-42.0.2-9.oe2403.aarch64.rpm python-cryptography-debuginfo-42.0.2-9.oe2403.x86_64.rpm python-cryptography-debugsource-42.0.2-9.oe2403.x86_64.rpm python3-cryptography-42.0.2-9.oe2403.x86_64.rpm This vulnerability exists in the pyca cryptography library due to missing subgroup validation for SECT curves. An attacker could exploit this to perform subgroup attacks, potentially leading to security bypass. 2026-03-20 CVE-2026-26007 openEuler-24.03-LTS High 8.2 AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N python-cryptography security update 2026-03-20 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1669