CVE-2026-23490

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2.

Published Jan 17, 2026

https://github.com/advisories/GHSA-63vm-454h-vhhq

CVSS ScoreHigh

7.5

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2026-23490

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2.

Published Jan 17, 2026

https://github.com/advisories/GHSA-63vm-454h-vhhq

CVSS ScoreHigh

7.5


pypi	pyasn1	0.6.1
rpm	python-pyasn1	0.6.1-1.el8

Ecosystem	Package	Version


pypi	pyasn1	0.6.1
rpm	python-pyasn1	0.6.1-1.el8

Find vulnerabilities. Fix fast with AI.

CVE-2026-23490

CVE-2026-23490