๐Ÿ” CVE Alert

CVE-2026-27448

UNKNOWN 0.0

pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback

CVSS Score: 0.0
EPSS Score: 0.0%
EPSS Percentile: 0th

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user-provided callback passed to `set_tlsext_servername_callback` raised an unhandled exception, the connection was accepted anyway. If a user was relying on this callback for any security-sensitive behavior, this could allow bypassing it. Starting in version 26.0.0, an unhandled exception in the callback results in the connection being rejected.
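For code that must run on an affected version, the callback can be made to fail closed on its own. The following is an added example, not code from pyOpenSSL or its advisory: `fail_closed`, `sni_policy`, `handshake_permitted`, `StubConnection` and the allow-list are hypothetical names, and the stub only mirrors the `get_servername`, `set_app_data` and `get_app_data` methods of a pyOpenSSL `Connection` so the logic runs without the library. It assumes the application does not use the connection's app data for anything else.

```python
# Added example: stub connection and allow-list are constructed for illustration.
ALLOWED_HOSTS = {b"api.example.test"}


class StubConnection:
    """Stand-in exposing the three Connection methods the guard relies on."""

    def __init__(self, servername):
        self._servername, self._app_data = servername, None

    def get_servername(self):
        return self._servername

    def set_app_data(self, data):
        self._app_data = data

    def get_app_data(self):
        return self._app_data


def fail_closed(policy):
    """Wrap an SNI policy so that an exception leaves a 'denied' verdict."""
    def guarded(conn):
        verdict = {"allowed": False, "reason": "policy did not complete"}
        conn.set_app_data(verdict)          # deny by default, before policy runs
        try:
            policy(conn)
        except Exception as exc:            # never let it escape to the caller
            verdict["reason"] = f"{type(exc).__name__}: {exc}"
            return
        verdict.update(allowed=True, reason="ok")
    return guarded


def sni_policy(conn):
    """Hypothetical security-sensitive check: only allow-listed names pass."""
    name = conn.get_servername()
    if name.lower() not in ALLOWED_HOSTS:   # AttributeError when name is None
        raise PermissionError(f"server name {name!r} not allowed")


def handshake_permitted(conn):
    """Check after the handshake; close the connection when this is False."""
    verdict = conn.get_app_data()
    return isinstance(verdict, dict) and verdict.get("allowed") is True
```

With pyOpenSSL itself, the wrapped function `fail_closed(sni_policy)` is what gets passed to `set_tlsext_servername_callback`, and the server checks `handshake_permitted(conn)` before serving any data. A connection whose callback never ran has no verdict and is treated as denied.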

CWE: CWE-636
Vendor: pyca
Product: pyopenssl
Published: Mar 17, 2026
Last Updated: Mar 18, 2026

Affected Versions

pyca / pyopenssl
>= 0.14.0, < 26.0.0

References

github.com: https://github.com/pyca/pyopenssl/security/advisories/GHSA-vp96-hxj8-p424
github.com: https://github.com/pyca/pyopenssl/commit/d41a814759a9fb49584ca8ab3f7295de49a85aa0
github.com: https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst#L27