Update cryptography dependency to ≥46.0.6 to fix the Security Vulnerability CVE-2026-26007 #1024

@nelsonharry

We are currently evaluating and integrating 'pysaml2' for a SAML-based SSO implementation. However, we are blocked due to a security vulnerability in one of its transitive dependencies.

'pysaml2' depends on 'pyOpenSSL', which in turn restricts the 'cryptography' version to:

cryptography<44,>=41.0.5

This constraint forces the use of an older 'cryptography' version that is affected by the following vulnerability:

The latest patched version is:

  • cryptography==46.0.6

Because of this CVE, our security/compliance checks are failing, and we are unable to proceed with adopting 'pysaml2' in our SSO implementation. This is currently blocking development and approval processes.

Please update the dependency constraints to allow a secure version of 'cryptography' (≥ 46.0.6), either directly or via compatible updates to 'pyOpenSSL'.

This is an urgent issue for us, as it is blocking our development and deployment.

Thank you for your support.
