fix(api): bump cryptography to 46.0.7 in API lockfile for CVE-2026-39892

HugoPBrito · HugoPBrito · commit eb0b1261f613 · 2026-05-04T15:21:50.000+01:00
- Patch out-of-bounds read on non-contiguous buffers in Hash.update et al. in the API image transitively via the prowler SDK pin - Lockfile regen deferred to a follow-up commit on this branch after #10978 lands on master (api/pyproject.toml resolves prowler from git@master, blocking the lock until then)
diff --git a/api/CHANGELOG.md b/api/CHANGELOG.md
@@ -11,6 +11,7 @@ All notable changes to the **Prowler API** are documented in this file.
 ### 🔐 Security
 
 - `trivy` binary in the API image from 0.69.2 to 0.70.0 for CVE-2026-33186
+- `cryptography` from 46.0.6 to 46.0.7 (transitive via prowler SDK) for CVE-2026-39892
 
 ---
 
