diff --git a/agent_requirements.in b/agent_requirements.in
index 722a198af6118..c21092713f48d 100644
--- a/agent_requirements.in
+++ b/agent_requirements.in
@@ -19,7 +19,7 @@ cm-client==45.0.4
 confluent-kafka==2.5.0; python_version > '3.0'
 contextlib2==0.6.0.post1; python_version < '3.0'
 cryptography==3.3.2; python_version < '3.0'
-cryptography==43.0.0; python_version > '3.0'
+cryptography==43.0.1; python_version > '3.0'
 ddtrace==0.32.2; sys_platform == 'win32' and python_version < '3.0'
 ddtrace==0.53.2; sys_platform != 'win32' and python_version < '3.0'
 ddtrace==2.10.6; python_version > '3.0'
diff --git a/cisco_aci/changelog.d/18656.security b/cisco_aci/changelog.d/18656.security
new file mode 100644
index 0000000000000..ad676917cac26
--- /dev/null
+++ b/cisco_aci/changelog.d/18656.security
@@ -0,0 +1 @@
+Bump version of cryptography to 43.0.1 to address vulnerability
\ No newline at end of file
diff --git a/cisco_aci/pyproject.toml b/cisco_aci/pyproject.toml
index aeca1c1467158..7bb25afcdf74b 100644
--- a/cisco_aci/pyproject.toml
+++ b/cisco_aci/pyproject.toml
@@ -39,7 +39,7 @@ license = "BSD-3-Clause"
 [project.optional-dependencies]
 deps = [
     "cryptography==3.3.2; python_version < '3.0'",
-    "cryptography==43.0.0; python_version > '3.0'",
+    "cryptography==43.0.1; python_version > '3.0'",
 ]
 
 [project.urls]
diff --git a/datadog_checks_base/changelog.d/18656.security b/datadog_checks_base/changelog.d/18656.security
new file mode 100644
index 0000000000000..ad676917cac26
--- /dev/null
+++ b/datadog_checks_base/changelog.d/18656.security
@@ -0,0 +1 @@
+Bump version of cryptography to 43.0.1 to address vulnerability
\ No newline at end of file
diff --git a/datadog_checks_base/pyproject.toml b/datadog_checks_base/pyproject.toml
index 259609a8df043..6df12f532226b 100644
--- a/datadog_checks_base/pyproject.toml
+++ b/datadog_checks_base/pyproject.toml
@@ -42,7 +42,7 @@ deps = [
     "cachetools==5.5.0; python_version > '3.0'",
     "contextlib2==0.6.0.post1; python_version < '3.0'",
     "cryptography==3.3.2; python_version < '3.0'",
-    "cryptography==43.0.0; python_version > '3.0'",
+    "cryptography==43.0.1; python_version > '3.0'",
     "ddtrace==0.32.2; sys_platform == 'win32' and python_version < '3.0'",
     "ddtrace==0.53.2; sys_platform != 'win32' and python_version < '3.0'",
     "ddtrace==2.10.6; python_version > '3.0'",
diff --git a/http_check/changelog.d/18656.security b/http_check/changelog.d/18656.security
new file mode 100644
index 0000000000000..ad676917cac26
--- /dev/null
+++ b/http_check/changelog.d/18656.security
@@ -0,0 +1 @@
+Bump version of cryptography to 43.0.1 to address vulnerability
\ No newline at end of file
diff --git a/http_check/pyproject.toml b/http_check/pyproject.toml
index 42e1d4cfc47b0..52bfa44805fe4 100644
--- a/http_check/pyproject.toml
+++ b/http_check/pyproject.toml
@@ -39,7 +39,7 @@ license = "BSD-3-Clause"
 [project.optional-dependencies]
 deps = [
     "cryptography==3.3.2; python_version < '3.0'",
-    "cryptography==43.0.0; python_version > '3.0'",
+    "cryptography==43.0.1; python_version > '3.0'",
     "requests-ntlm==1.1.0; python_version < '3.0'",
     "requests-ntlm==1.3.0; python_version > '3.0'",
 ]
diff --git a/mysql/changelog.d/18656.security b/mysql/changelog.d/18656.security
new file mode 100644
index 0000000000000..ad676917cac26
--- /dev/null
+++ b/mysql/changelog.d/18656.security
@@ -0,0 +1 @@
+Bump version of cryptography to 43.0.1 to address vulnerability
\ No newline at end of file
diff --git a/mysql/pyproject.toml b/mysql/pyproject.toml
index 7ea2d6ec9150a..b9f8ad26088bd 100644
--- a/mysql/pyproject.toml
+++ b/mysql/pyproject.toml
@@ -40,7 +40,7 @@ deps = [
     "cachetools==3.1.1; python_version < '3.0'",
     "cachetools==5.5.0; python_version > '3.0'",
     "cryptography==3.3.2; python_version < '3.0'",
-    "cryptography==43.0.0; python_version > '3.0'",
+    "cryptography==43.0.1; python_version > '3.0'",
     "pymysql==0.10.1; python_version < '3.0'",
     "pymysql==1.1.1; python_version > '3.0'",
 ]
diff --git a/tls/changelog.d/18656.security b/tls/changelog.d/18656.security
new file mode 100644
index 0000000000000..ad676917cac26
--- /dev/null
+++ b/tls/changelog.d/18656.security
@@ -0,0 +1 @@
+Bump version of cryptography to 43.0.1 to address vulnerability
\ No newline at end of file
diff --git a/tls/pyproject.toml b/tls/pyproject.toml
index 316a5f1571d36..06e857cc94911 100644
--- a/tls/pyproject.toml
+++ b/tls/pyproject.toml
@@ -39,7 +39,7 @@ license = "BSD-3-Clause"
 [project.optional-dependencies]
 deps = [
     "cryptography==3.3.2; python_version < '3.0'",
-    "cryptography==43.0.0; python_version > '3.0'",
+    "cryptography==43.0.1; python_version > '3.0'",
     "ipaddress==1.0.23; python_version < '3.0'",
     "service-identity[idna]==21.1.0; python_version < '3.0'",
     "service-identity[idna]==24.1.0; python_version > '3.0'",