CVE-2026-27459
Received Received - Intake
Buffer Overflow in pyOpenSSL Cookie Callback Causes Memory Corruption

Publication date: 2026-03-18

Last updated on: 2026-03-25

Assigner: GitHub, Inc.

Description
pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to `set_cookie_generate_callback` returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Starting in version 26.0.0, cookie values that are too long are now rejected.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-18
Last Modified
2026-03-25
Generated
2026-06-16
AI Q&A
2026-03-18
EPSS Evaluated
2026-06-15
NVD
CVE-2026-27459
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
pyopenssl pyopenssl From 22.0.0 (inc) to 26.0.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-27459 is a buffer overflow vulnerability in the pyOpenSSL library versions 22.0.0 up to but not including 26.0.0. It occurs when a user-supplied callback function, set via `set_cookie_generate_callback` for DTLS cookie generation, returns a cookie value longer than 256 bytes. This oversized cookie causes an overflow of a fixed-size buffer allocated by OpenSSL, leading to potential memory corruption.

The vulnerability was fixed in version 26.0.0 by adding a length check that rejects cookie values exceeding the maximum allowed length, preventing the buffer overflow.

Impact Analysis

This vulnerability can lead to memory corruption due to a buffer overflow when processing DTLS cookies. Memory corruption can cause application crashes, denial of service, or potentially allow an attacker to execute arbitrary code or escalate privileges depending on the context in which pyOpenSSL is used.

Since the vulnerability involves a network security protocol (DTLS), it could be exploited remotely if an attacker can influence the cookie generation callback, making it a moderate severity security risk.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability arises when a user-provided callback to set_cookie_generate_callback returns a cookie value exceeding 256 bytes, causing a buffer overflow in pyOpenSSL versions 22.0.0 to before 26.0.0.'}, {'type': 'paragraph', 'content': 'Detection involves verifying if your pyOpenSSL version is between 22.0.0 and before 26.0.0 and if any DTLS cookie generation callbacks return oversized cookies.'}, {'type': 'paragraph', 'content': 'A practical approach is to test the DTLS handshake process with a callback that deliberately returns a cookie longer than 256 bytes and observe if a ValueError is raised, indicating the presence or absence of the fix.'}, {'type': 'paragraph', 'content': 'Since the vulnerability is in the pyOpenSSL library, you can check the installed version with the command:'}, {'type': 'list_item', 'content': 'python -c "import OpenSSL; print(OpenSSL.__version__)"'}, {'type': 'paragraph', 'content': 'To detect attempts to exploit this vulnerability on your network, monitor for abnormal DTLS handshake failures or crashes related to cookie generation.'}] [1, 2]

Mitigation Strategies

The primary mitigation is to upgrade pyOpenSSL to version 26.0.0 or later, where the vulnerability is fixed by rejecting cookie values longer than 256 bytes.

If upgrading immediately is not possible, ensure that any user-provided callbacks to set_cookie_generate_callback do not return cookie values exceeding 256 bytes.

Additionally, monitor your systems for unusual DTLS handshake errors that could indicate exploitation attempts.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-27459. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart