CVE-2026-26007
Vulnerability
cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves
ecosystem: redhat:8, redhat:9
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the public_key_from_numbers (or EllipticCurvePublicNumbers.public_key()), load_der_public_key() and load_pem_public_key() functions do not verify that the point belongs to the expected prime-order subgroup of the curve. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, including the most common uses, signature verification (ECDSA) and shared key negotiation (ECDH). When the victim computes the shared secret as S = [victim_private_key]P via ECDH, this leaks information about victim_private_key mod (small_subgroup_order). For curves with cofactor > 1, this reveals the least significant bits of the private key. When these weak public keys are used in ECDSA, it is easy to forge signatures on the small subgroup. Only SECT curves are impacted by this. This vulnerability is fixed in 46.0.5.
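A subgroup check of the kind the description says was missing, as an added example (not code from pyca/cryptography or its fix commit). It assumes the sect163k1 domain parameters from SEC 2 and uses the trace test, which is sufficient only for binary curves with cofactor 2; the function names are illustrative.

```python
# sect163k1 (NIST K-163) domain parameters as given in SEC 2; cofactor h = 2.
M = 163
POLY = (1 << 163) | (1 << 7) | (1 << 6) | (1 << 3) | 1  # field reduction polynomial
A, B = 1, 1  # curve: y^2 + xy = x^3 + A*x^2 + B over GF(2^163)
GX = 0x02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8  # base point x
GY = 0x0289070FB05D38FF58321F2E800536D538CCDAA3D9  # base point y

def gf_mul(a, b):
    """Multiply in GF(2^163): carry-less product reduced modulo POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> M:      # degree reached 163: reduce
            a ^= POLY
    return r

def trace(x):
    """Tr(x) = x + x^2 + x^4 + ... + x^(2^(M-1)); the result is 0 or 1."""
    t, s = 0, x
    for _ in range(M):
        t ^= s
        s = gf_mul(s, s)
    return t

def on_curve(x, y):
    x2 = gf_mul(x, x)
    return gf_mul(y, y) ^ gf_mul(x, y) == gf_mul(x2, x) ^ gf_mul(A, x2) ^ B

def validate_public_point(x, y):
    """Accept an affine point only if it lies in the prime-order subgroup."""
    if not (0 <= x < (1 << M) and 0 <= y < (1 << M)):
        return "reject: coordinate out of range"
    if not on_curve(x, y):
        return "reject: not on curve"
    # Doubling gives x(2Q) = L^2 + L + A, so every doubled point has
    # Tr(x) = Tr(A). With cofactor 2 the doubled points are exactly the
    # prime-order subgroup, so a mismatch means the point is outside it.
    if trace(x) != trace(A):
        return "reject: outside prime-order subgroup"
    return "accept"

if __name__ == "__main__":
    print(validate_public_point(GX, GY))  # curve base point
    print(validate_public_point(0, 1))    # constructed: on the curve, wrong subgroup
```

For curves with a larger cofactor the trace test alone is not sufficient; the general check is that multiplying the point by the subgroup order gives the point at infinity.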
References
- secalert@redhat.com: https://access.redhat.com/security/cve/CVE-2026-26007
- secalert@redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2438762
- secalert@redhat.com: https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c
- secalert@redhat.com: https://github.com/pyca/cryptography/security/advisories/GHSA-r6ph-v2qm-q3c2
- secalert@redhat.com: https://nvd.nist.gov/vuln/detail/CVE-2026-26007
- secalert@redhat.com: https://www.cve.org/CVERecord?id=CVE-2026-26007
type: vendor
source: secalert@redhat.com
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
| Metric | Value |
|---|---|
| AV | Network |
| AC | High |
| PR | None |
| UI | None |
| S | Not Changed |
| C | High |
| I | High |
| A | None |
source: secalert@redhat.com
Improper Validation of Integrity Check Value
source: secalert@redhat.com
published: 2026-02-10 21:42:56
modified: 2026-02-12 22:34:40
Detection
redhat-vex
OR
- fence-agents-aliyun (package type: binary)
- fence-agents-all (package type: binary)
- fence-agents-amt-ws (package type: binary)
- fence-agents-apc (package type: binary)
- fence-agents-apc-snmp (package type: binary)
- fence-agents-aws (package type: binary)
- fence-agents-azure-arm (package type: binary)
- fence-agents-bladecenter (package type: binary)
- fence-agents-brocade (package type: binary)
- fence-agents-cisco-mds (package type: binary)
- fence-agents-cisco-ucs (package type: binary)
- fence-agents-common (package type: binary)
- fence-agents-compute (package type: binary)
- fence-agents-drac5 (package type: binary)
- fence-agents-eaton-snmp (package type: binary)
- fence-agents-emerson (package type: binary)
- fence-agents-eps (package type: binary)
- fence-agents-gce (package type: binary)
- fence-agents-heuristics-ping (package type: binary)
- fence-agents-hpblade (package type: binary)
- fence-agents-ibm-powervs (package type: binary)
- fence-agents-ibm-vpc (package type: binary)
- fence-agents-ibmblade (package type: binary)
- fence-agents-ifmib (package type: binary)
- fence-agents-ilo-moonshot (package type: binary)
- fence-agents-ilo-mp (package type: binary)
- fence-agents-ilo-ssh (package type: binary)
- fence-agents-ilo2 (package type: binary)
- fence-agents-intelmodular (package type: binary)
- fence-agents-ipdu (package type: binary)
- fence-agents-ipmilan (package type: binary)
- fence-agents-kdump (package type: binary)
- fence-agents-kubevirt (package type: binary)
- fence-agents-lpar (package type: binary)
- fence-agents-mpath (package type: binary)
- fence-agents-nutanix-ahv (package type: binary)
- fence-agents-openstack (package type: binary)
- fence-agents-redfish (package type: binary)
- fence-agents-rhevm (package type: binary)
- fence-agents-rsa (package type: binary)
- fence-agents-rsb (package type: binary)
- fence-agents-sbd (package type: binary)
- fence-agents-scsi (package type: binary)
- fence-agents-virsh (package type: binary)
- fence-agents-vmware-rest (package type: binary)
- fence-agents-vmware-soap (package type: binary)
- fence-agents-wti (package type: binary)
- fence-agents-zvm (package type: binary)
- fence-agents (package type: source)
tag: rhel-8-including-unpatched:6c8786b8-5912-31dd-5e36-8821e3eaebdc
redhat-vex
OR
- fence-agents-aliyun (package type: binary)
- fence-agents-all (package type: binary)
- fence-agents-amt-ws (package type: binary)
- fence-agents-apc (package type: binary)
- fence-agents-apc-snmp (package type: binary)
- fence-agents-aws (package type: binary)
- fence-agents-azure-arm (package type: binary)
- fence-agents-bladecenter (package type: binary)
- fence-agents-brocade (package type: binary)
- fence-agents-cisco-mds (package type: binary)
- fence-agents-cisco-ucs (package type: binary)
- fence-agents-common (package type: binary)
- fence-agents-compute (package type: binary)
- fence-agents-drac5 (package type: binary)
- fence-agents-eaton-snmp (package type: binary)
- fence-agents-emerson (package type: binary)
- fence-agents-eps (package type: binary)
- fence-agents-gce (package type: binary)
- fence-agents-heuristics-ping (package type: binary)
- fence-agents-hpblade (package type: binary)
- fence-agents-ibm-powervs (package type: binary)
- fence-agents-ibm-vpc (package type: binary)
- fence-agents-ibmblade (package type: binary)
- fence-agents-ifmib (package type: binary)
- fence-agents-ilo-moonshot (package type: binary)
- fence-agents-ilo-mp (package type: binary)
- fence-agents-ilo-ssh (package type: binary)
- fence-agents-ilo2 (package type: binary)
- fence-agents-intelmodular (package type: binary)
- fence-agents-ipdu (package type: binary)
- fence-agents-ipmilan (package type: binary)
- fence-agents-kdump (package type: binary)
- fence-agents-kubevirt (package type: binary)
- fence-agents-lpar (package type: binary)
- fence-agents-mpath (package type: binary)
- fence-agents-nutanix-ahv (package type: binary)
- fence-agents-openstack (package type: binary)
- fence-agents-redfish (package type: binary)
- fence-agents-rhevm (package type: binary)
- fence-agents-rsa (package type: binary)
- fence-agents-rsb (package type: binary)
- fence-agents-sbd (package type: binary)
- fence-agents-scsi (package type: binary)
- fence-agents-virsh (package type: binary)
- fence-agents-vmware-rest (package type: binary)
- fence-agents-vmware-soap (package type: binary)
- fence-agents-wti (package type: binary)
- fence-agents-zvm (package type: binary)
- fence-virt (package type: binary)
- fence-virtd (package type: binary)
- fence-virtd-cpg (package type: binary)
- fence-virtd-libvirt (package type: binary)
- fence-virtd-multicast (package type: binary)
- fence-virtd-serial (package type: binary)
- fence-virtd-tcp (package type: binary)
- ha-cloud-support (package type: binary)
- fence-agents (package type: source)
tag: rhel-9-including-unpatched:0daa01c5-69be-59cd-61ab-f12589bb955e
Data Sources
- RedHat Enterprise Linux CSAF VEX
redhat-vex