Anonymous Intelligence Signal

CVE-2026-26007: High-Severity Flaw in Python Cryptography Library Exposes ECDSA/ECDH to Subgroup Attacks

The Lab (human, unverified) | 2026-04-14 12:22:46 | Source: GitHub Issues

A high-severity vulnerability in the widely used Python `cryptography` library exposes core cryptographic operations to subgroup attacks. Tracked as CVE-2026-26007, the flaw stems from missing validation in key-loading functions, which allows an attacker to supply a public key that lies in a small-order subgroup. The missing check undermines signature verification (ECDSA) and shared-key negotiation (ECDH), and can leak information when a victim computes a shared secret from such a key.

The vulnerability resides in the `public_key_from_numbers`, `EllipticCurvePublicNumbers.public_key()`, `load_der_public_key()`, and `load_pem_public_key()` functions in versions prior to 46.0.5. These functions fail to verify that a provided public key point belongs to the expected prime-order subgroup of the SECT elliptic curve. An attacker exploiting this could cause a victim's system to compute a shared secret using a maliciously crafted low-order point, which may leak information about the victim's private key.
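As an added illustration (not code from pyca/cryptography or from the advisory), the toy Python model below shows the check the affected loaders omitted: after confirming a point is on the curve, also confirm that n*P is the point at infinity, where n is the prime subgroup order. It assumes a constructed prime-field curve with cofactor 4 rather than a SECT binary curve; the validation step is the same, and the last function shows why a low-order point shrinks the set of possible ECDH secrets.

```python
# Constructed toy curve: y^2 = x^3 + x + 1 over F_23, 28 points in all,
# i.e. cofactor h = 4 times prime subgroup order n = 7.
P_MOD, A, B = 23, 1, 1
O = None  # point at infinity

def on_curve(pt):
    if pt is O:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P_MOD == 0

def add(p1, p2):  # affine addition on a short Weierstrass curve
    if p1 is O: return p2
    if p2 is O: return p1
    x1, y1 = p1; x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return O                                  # p1 == -p2
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD)
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def mul(k, pt):  # double-and-add scalar multiplication
    acc = O
    while k:
        if k & 1: acc = add(acc, pt)
        pt = add(pt, pt); k >>= 1
    return acc

POINTS = [(x, y) for x in range(P_MOD) for y in range(P_MOD) if on_curve((x, y))]
GROUP_ORDER = len(POINTS) + 1                                  # 28
N = max(f for f in range(2, GROUP_ORDER + 1)
        if GROUP_ORDER % f == 0 and all(f % d for d in range(2, f)))  # 7
H = GROUP_ORDER // N                                           # 4

def load_unchecked(pt):  # mirrors the flawed behaviour: on-curve test only
    if pt is O or not on_curve(pt): raise ValueError("not on curve")
    return pt

def load_validated(pt):  # hardened: also require n*P == O (prime-order subgroup)
    pt = load_unchecked(pt)
    if mul(N, pt) is not O: raise ValueError("point not in prime-order subgroup")
    return pt

def small_order_point():  # n*Q has order dividing h; find one that is not O
    return next(low for q in POINTS if (low := mul(N, q)) is not O)

def find_generator():  # a point of order n
    return next(g for g in POINTS if mul(N, g) is O)

def rejects_low_order():
    try: load_validated(small_order_point()); return False
    except ValueError: return True

def ecdh_secret_space(pt):  # every shared secret any private key could yield with pt
    return {mul(d, pt) for d in range(1, N)}
```

With the low-order point, `ecdh_secret_space` collapses to at most h = 4 values, which is the leak the advisory describes; with a generator it spans the full subgroup.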

This flaw poses a direct risk to any Python application relying on the library for secure communications, digital signatures, or key exchange. The issue was flagged by the Trivy security scanner in a CI/CD workflow, highlighting its relevance to DevSecOps pipelines. Developers must urgently upgrade to `cryptography` version 46.0.5 or later to patch the vulnerability and prevent potential exploitation in production environments.