DEV Community

CVE Reports

Originally published at cvereports.com

CVE-2026-0994: Recursive Hell: Breaking Python Protobuf with Nested 'Any' Messages

Vulnerability ID: CVE-2026-0994
CVSS Score: 8.2
Published: 2026-01-23

A logic flaw in Google's Python Protobuf implementation allows attackers to bypass recursion limits using nested 'Any' types, leading to a Denial of Service via stack exhaustion.

TL;DR

The Python implementation of Protocol Buffers contained an oversight in how it parsed Well-Known Types nested inside google.protobuf.Any messages during JSON parsing: the Any-specific code path dispatched straight to the Well-Known Type converters, skipping the depth accounting that the max_recursion_depth check relies on. By recursively nesting Any messages, an attacker could bypass that check entirely, so a relatively small JSON payload drives the parser into unbounded recursion until it hits the Python interpreter's recursion limit and the application crashes (DoS).


⚠️ Exploit Status: PoC available

Technical Details

  • CWE: CWE-674 (Uncontrolled Recursion)
  • CVSS v4.0: 8.2 (High)
  • Attack Vector: Network
  • Impact: Availability (DoS)
  • Vulnerable Function: _ConvertAnyMessage (google.protobuf.json_format)
  • Exploit Status: PoC Available

Affected Systems

  • Python applications using google.protobuf library
  • gRPC services accepting JSON transcoding
  • Data pipelines parsing untrusted Protobuf JSON
  • protobuf (Python package): 33.0 and later releases prior to the fix (fixed version: see vendor advisory)

Code Analysis

Commit: PR-2523

Fix recursion depth check in Any message parsing

- methodcaller(_WKTJSONMETHODS[full_name][1], value['value'], sub_message, '{0}.value'.format(path))(self)
+ self.ConvertMessage(value['value'], sub_message, '{0}.value'.format(path))
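Review bot: the removed methodcaller(_WKTJSONMETHODS[full_name][1], ...) call invokes the Well-Known Type converter directly, so the recursion-depth bookkeeping that ConvertMessage performs never runs for a Well-Known Type nested in an Any; replacing it with self.ConvertMessage(value['value'], sub_message, '{0}.value'.format(path)) puts the Any payload back on the counted path, which is the right fix. Two follow-ups worth checking in the same change: that ConvertMessage still routes Well-Known Type sub_messages to their _WKTJSONMETHODS handler (otherwise an Any-wrapped Well-Known Type would now be parsed as a plain message), and that a regression test with Any nested deeper than max_recursion_depth asserts a ParseError rather than a RecursionError.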

Exploit Details

Mitigation Strategies

  • Upgrade the Protobuf library immediately.
  • Enforce a nesting-depth limit on JSON payloads before they reach the Protobuf parser.
  • Configure WAF rules to reject excessive nesting.

Remediation Steps:

  1. Update the protobuf package: pip install --upgrade protobuf
  2. Confirm the installed version (pip show protobuf, or python -c "import google.protobuf; print(google.protobuf.__version__)") is at or above the fixed release named in the vendor advisory.
  3. Audit codebases for calls to json_format.Parse and json_format.ParseDict (Parse delegates to ParseDict, so both are affected) and set max_recursion_depth explicitly; note that the patch is still required for that limit to be enforced on nested Any types.
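As an added example (not code from the original report or from the protobuf project), the following stdlib-only Python shows the pre-parse depth check suggested in the mitigation list together with a constructed nested-Any payload in the shape the TL;DR describes. The function names json_nesting_depth, within_depth_limit, check_json_depth and build_nested_any are this example's own, and the hostile payload is constructed here rather than taken from the report.

```python
import json

# Type URL of google.protobuf.Any as it appears in protobuf JSON.
ANY_TYPE_URL = "type.googleapis.com/google.protobuf.Any"
STRING_VALUE_TYPE_URL = "type.googleapis.com/google.protobuf.StringValue"


def json_nesting_depth(text: str) -> int:
    """Return the maximum {}/[] nesting depth of a JSON document.

    Works by a single linear scan of the raw text, so no object tree is
    built and nothing recurses: the check cannot itself be driven into a
    RecursionError by the payload it inspects. String literals are skipped
    (with escape handling) so brackets inside strings are not counted.
    """
    depth = max_depth = 0
    in_string = False
    escaped = False
    for ch in text:
        if in_string:
            if escaped:
                escaped = False
            elif ch == "\\":
                escaped = True
            elif ch == '"':
                in_string = False
            continue
        if ch == '"':
            in_string = True
        elif ch in "{[":
            depth += 1
            if depth > max_depth:
                max_depth = depth
        elif ch in "}]":
            depth -= 1
    return max_depth


def within_depth_limit(text: str, max_depth: int) -> bool:
    """True if the JSON nesting depth is at or below max_depth."""
    return json_nesting_depth(text) <= max_depth


def check_json_depth(text: str, max_depth: int) -> str:
    """Gatekeeper to run before json_format.Parse / ParseDict.

    Every nested protobuf message is a JSON object, so bracket depth is an
    upper bound on the message nesting the protobuf parser will see. Pass
    the same max_depth you give the parser as max_recursion_depth.
    """
    depth = json_nesting_depth(text)
    if depth > max_depth:
        raise ValueError(
            f"JSON nesting depth {depth} exceeds limit {max_depth}")
    return text


def build_nested_any(levels: int) -> str:
    """Constructed sample: `levels` Any messages wrapping one another,
    ending in a StringValue. Each layer has the Any JSON shape
    {"@type": ..., "value": <inner message>}; this is the nested-'Any'
    structure the advisory describes, built here for demonstration and
    not copied from the original report.
    """
    payload = {"@type": STRING_VALUE_TYPE_URL, "value": "x"}
    for _ in range(levels):
        payload = {"@type": ANY_TYPE_URL, "value": payload}
    return json.dumps(payload)


if __name__ == "__main__":
    hostile = build_nested_any(500)   # ~33 KB, 501 nested objects
    benign = build_nested_any(10)
    print(len(hostile), "bytes, depth", json_nesting_depth(hostile))
    print("benign accepted:", within_depth_limit(benign, 100))
    try:
        check_json_depth(hostile, 100)
    except ValueError as exc:
        print("hostile rejected:", exc)
```

Call check_json_depth(text, N) with the same N you pass as max_recursion_depth to json_format.Parse or json_format.ParseDict. Because a nested message can only appear as a JSON object, a bracket depth at or below N guarantees the parser's own recursion stays at or below N, so the check holds even on a library version where the Any-specific path skips the internal counter. It is a defence in depth, not a replacement for upgrading.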

References


Read the full report for CVE-2026-0994 on our website for more details including interactive diagrams and full exploit analysis.
