Add CVSS 3.1 score for GHSA-r6ph-v2qm-q3c2 (cryptography Subgroup Attack)

[sunnypatell]

Changes

Added missing CVSS 3.1 scoring to GHSA-r6ph-v2qm-q3c2 (Python cryptography Subgroup Attack on SECT Curves).

Added:

• CVSS 3.1 vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N (7.4 High)

Reason for change

This advisory had no CVSS 3.1 score. NVD only provides CVSS 4.0 scoring (8.2) for CVE-2026-26007. Adding a CVSS 3.1 vector ensures broader compatibility with vulnerability management tools that rely on CVSS 3.1 for severity assessment.

CVSS justification

• AV:N because the subgroup attack targets ECDH key exchanges performed over the network (TLS, SSH, any protocol using the affected SECT binary curves)
• AC:H because exploitation requires the target to be using one of the specific vulnerable SECT binary curves (sect163k1, sect163r2, sect233k1, sect233r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1), which are uncommon in practice compared to prime curves like P-256/P-384
• PR:N because the attacker is an unauthenticated network peer participating in key exchange
• UI:N because ECDH key exchanges are processed automatically during protocol handshakes
• C:H because the missing subgroup validation allows the attacker to recover private key bits through a small-subgroup/invalid-curve attack
• I:H because a recovered ECDH private key enables signature forgery (ECDSA) and key impersonation. The CVSS 4.0 vector uses VI:N but this underrates the integrity impact: private key recovery directly enables forging signatures for the same key pair
• A:N because the attack does not affect availability

The difference from the CVSS 4.0 vector (which uses VI:N) is justified because subgroup attacks on elliptic curves are a well-documented class that enables both key recovery (C:H) and signature forgery (I:H). Discovered by Tencent Xuanwu Lab's Atuin Automated Vulnerability Discovery Engine.

Supporting links

• NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2026-26007
• Fix commit: pyca/cryptography@0eebb9d
• Advisory: GHSA-r6ph-v2qm-q3c2

[Copilot]

Pull request overview

This PR adds a missing CVSS 3.1 score to the security advisory GHSA-r6ph-v2qm-q3c2, which documents a subgroup attack vulnerability in the Python cryptography library affecting SECT elliptic curves. The advisory previously only had CVSS 4.0 scoring from NVD. Adding CVSS 3.1 scoring (vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N, score: 7.4 High) ensures broader compatibility with vulnerability management tools that rely on CVSS 3.1 for severity assessment.

Changes:

• Added CVSS 3.1 severity entry with vector string and score to the advisory JSON file

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[yhidad31]

Hello @sunnypatell. The GitHub Advisory Database Team includes both CVSS 4.0 and 3.1 scores in advisories only when both values have been provided by the CVE-assigning CNA. We do not combine NVD scores with CNA scores. Therefore, we will close this pull request and will not accept the contribution.