CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-23490

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.8%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970
https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2
https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq
https://lists.debian.org/debian-lts-announce/2026/02/msg00002.html

Products affected by CVE-2026-23490

Pyasn1 » Pyasn1 » Version: Any

cpe:2.3:a:pyasn1:pyasn1:*
Debian » Debian Linux » Version: 11.0

cpe:2.3:o:debian:debian_linux:11.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-23490

Products

Pricing

Contact Us