Skip to main content

pymonocypher CVE-2026-53720

MEDIUM
Heap-based Buffer Overflow (CWE-122)
2026-07-09 https://github.com/jetperch/pymonocypher GHSA-8f95-v3jq-cj86
Share

Severity by source

vuln.today AI
8.1 HIGH

Local vector since exploitation occurs via library API call; high complexity because undersized nb_blocks must be supplied; scope changed due to heap corruption potentially affecting surrounding process memory beyond the function.

3.1 AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:H
4.0 AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N

Lifecycle Timeline

1
Analysis Generated
Jul 09, 2026 - 14:37 vuln.today

DescriptionCVE.org

Impact

The argon2i_32 implementation does not check the nb_blocks size. If the caller does not provide a sufficiently large buffer based on the API contract, then argon2i_32 will write past the end of the buffer and possibly corrupt the heap.

Patches

Fixed in 4.0.2.8, which now verifies that nb_blocks is large enough. See 90ff5b1.

Workarounds

Provide a correctly sized nb_blocks buffer.

pymonocypher thanks Haris (hextheshadow) for the vulnerability report, details, and recommended fix.

AnalysisAI

Heap buffer overflow in pymonocypher's argon2i_32 function allows memory corruption when callers supply an undersized nb_blocks buffer, violating the library's API contract without triggering any bounds check. Applications using pymonocypher prior to version 4.0.2.8 that invoke the Argon2i password-hashing interface are at risk of heap corruption, which can produce crashes or potentially enable controlled memory writes. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Attacker supplies or manipulates nb_blocks sizing input
Delivery
Application calls argon2i_32 with undersized buffer
Exploit
Missing size validation skipped in library
Execution
Write proceeds past heap allocation boundary
Persist
Heap metadata or adjacent objects corrupted
Impact
Denial of service or memory corruption impact achieved

Vulnerability AssessmentAI

Exploitation Exploitation requires that argon2i_32 be called with an nb_blocks buffer smaller than the minimum required by the Argon2i algorithm's memory requirements. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment No CVSS vector has been published by NVD or the vendor for this vulnerability, and no EPSS score or CISA KEV listing is available, eliminating the primary quantitative risk signals. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An application using pymonocypher calculates or accepts externally influenced input for the nb_blocks argument and passes an undersized buffer to argon2i_32; the missing size check allows the function to write beyond the heap allocation, corrupting adjacent heap metadata. No public exploit code has been identified at time of analysis, but a crafted nb_blocks value that causes a minimal size underestimate could trigger reliable heap corruption in a tight feedback loop, potentially enabling process crashes or - depending on heap layout - controlled writes.
Remediation Upgrade pymonocypher to version 4.0.2.8 or later; this release adds nb_blocks size validation in argon2i_32 and is the primary fix. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-53720 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy