CVE-2026-27448

Name	CVE-2026-27448
Description	pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to `set_tlsext_servername_callback` raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for any security-sensitive behavior, this could allow bypassing it. Starting in version 26.0.0, unhandled exceptions now result in rejecting the connection.
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
pyopenssl (PTS)	bullseye	20.0.1-1	vulnerable
	bookworm	23.0.0-1	vulnerable
	trixie	25.0.0-1	vulnerable
	forky	25.3.0-2	vulnerable
	sid	26.0.0-1	vulnerable

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
pyopenssl	source	(unstable)	(unfixed)

Notes

https://github.com/pyca/pyopenssl/security/advisories/GHSA-vp96-hxj8-p424
https://github.com/pyca/pyopenssl/commit/d41a814759a9fb49584ca8ab3f7295de49a85aa0	(26.0.0)