cve 2026 33936
About this tag
CVE-2026-33936 is a denial-of-service vulnerability in python-ecdsa caused by improper DER length validation in crafted private keys. Microsoft classifies the impact as a DoS or availability degradation issue, meaning an attacker may reduce performance or cause intermittent interruptions rather than a full service outage. This distinction is important for defenders: the flaw is worth taking seriously anywhere untrusted private-key material can be introduced into a processing path. The underlying library has a long-standing security caveat. WindowsForum.com discussions cover the technical details, affected versions, and mitigation strategies for this CVE.
A newly disclosed weakness in python-ecdsa — tracked as CVE-2026-33936 — is a denial-of-service issue tied to improper DER length validation in crafted private keys. Microsoft classifies the impact as a DoS / availability degradation problem rather than a full service outage, which is an...