Skip to main content

Python CVE-2026-32874

HIGH
Memory Leak (CWE-401)
2026-03-18 https://github.com/ultrajson/ultrajson GHSA-wgvc-ghv9-3pmm
7.5
CVSS 3.1 · Vendor: https://github.com/ultrajson/ultrajson
Share

Severity by source

Vendor (https://github.com/ultrajson/ultrajson) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Red Hat
7.5 HIGH
qualitative

Primary rating from Vendor (https://github.com/ultrajson/ultrajson).

CVSS VectorVendor: https://github.com/ultrajson/ultrajson

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 18, 2026 - 13:15 vuln.today
Patch released
Mar 18, 2026 - 13:15 nvd
Patch available
CVE Published
Mar 18, 2026 - 13:01 nvd
HIGH 7.5

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 26 pypi packages depend on ujson (22 direct, 4 indirect)

Ecosystem-wide dependent count for version 5.4.0.

DescriptionCVE.org

Summary

ujson 5.4.0 to 5.11.0 inclusive contain an accumulating memory leak in JSON parsing _large_ (outside of the range [-2^63, 2^64 - 1]) integers.

Exploitability

Any service that calls ujson.load()/ujson.loads()/ujson.decode() on untrusted inputs is affected and vulnerable to denial of service attacks.

Details

The leaked memory is a copy of the string form of the integer plus an additional NULL byte. The leak occurs irrespective of whether the integer parses successfully or is rejected due to having more than sys.get_int_max_str_digits() digits, meaning that any sized leak per malicious JSON can be achieved provided that there is no limit on the overall size of the payload.

python
ujson.loads(str(2 ** 64 - 1))
# No leak
ujson.loads(str(2 ** 64))
# Leaks
ujson.loads(str(10 ** sys.get_int_max_str_digits()))
# Leaks and raises ValueError
Fix

The leak is fixed in ujson 5.12.0 (4baeb950df780092bd3c89fc702a868e99a3a1d2). There are no workarounds beyond upgrading to an unaffected version.

Credits

Discovered by Cameron Criswell/Skevros using Coverage-guided fuzzing (libFuzzer + AddressSanitizer)

AnalysisAI

ujson versions 5.4.0 through 5.11.0 contain a memory leak in JSON parsing of large integers outside the range [-2^63, 2^64 - 1], allowing remote denial of service attacks against services processing untrusted JSON input. An attacker can craft malicious JSON payloads with oversized integers to exhaust memory and crash vulnerable applications. A patch is available.

Technical ContextAI

ujson (ultrajson) is a fast JSON encoder and decoder written in C for Python, distributed via PyPI (pkg:pip/ujson). The vulnerability is classified as CWE-401 (Missing Release of Memory after Effective Lifetime), occurring specifically in the integer parsing routines when handling values outside the signed 64-bit and unsigned 64-bit integer ranges. When ujson.load(), ujson.loads(), or ujson.decode() encounters these large integers, it allocates memory for a string copy of the integer value plus a NULL byte but fails to properly deallocate this memory. The leak occurs regardless of whether the integer is successfully parsed or rejected due to exceeding Python's sys.get_int_max_str_digits() limit, meaning attackers can craft arbitrarily large integers to maximize memory consumption per request without overall payload size constraints.

RemediationAI

Upgrade ujson to version 5.12.0 or later immediately, which contains the fix implemented in commit 4baeb950df780092bd3c89fc702a868e99a3a1d2. The official release is available at https://github.com/ultrajson/ultrajson/releases/tag/5.12.0 and can be installed via pip with 'pip install --upgrade ujson>=5.12.0'. According to the security advisory at https://github.com/ultrajson/ultrajson/security/advisories/GHSA-wgvc-ghv9-3pmm, there are no workarounds available beyond upgrading to an unaffected version. Organizations unable to immediately upgrade should consider implementing application-level controls such as strict input validation to reject JSON payloads containing integers exceeding expected ranges, request rate limiting, and memory consumption monitoring with automatic service restarts to mitigate denial of service impact.

More in Python

View all
CVE-2025-24016 CRITICAL POC
9.9 Feb 10

Wazuh SIEM platform versions 4.4.0 through 4.9.0 contain an unsafe deserialization vulnerability in the DistributedAPI t

CVE-2025-27520 CRITICAL POC
9.8 Apr 04

BentoML version 1.4.2 and earlier contains an unauthenticated remote code execution vulnerability through insecure deser

CVE-2025-2945 CRITICAL POC
9.9 Apr 03

pgAdmin 4 contains critical remote code execution vulnerabilities in the Query Tool download and Cloud Deployment endpoi

CVE-2013-5093 MEDIUM POC
6.8 Sep 27

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python

CVE-2025-32375 CRITICAL POC
9.8 Apr 09

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Rated critica

CVE-2014-0224 HIGH POC
7.4 Jun 05

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCiph

CVE-2024-21644 HIGH POC
7.5 Jan 08

pyLoad download manager version prior to 0.5.0b3.dev77 exposes the Flask SECRET_KEY through an unauthenticated endpoint.

CVE-2017-9462 HIGH POC
8.8 Jun 06

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and conse

CVE-2026-39987 CRITICAL POC
9.3 Apr 08

Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/

CVE-2024-21645 MEDIUM POC
5.3 Jan 08

pyLoad is the free and open-source Download Manager written in pure Python. Rated medium severity (CVSS 5.3), this vulne

CVE-2026-33017 CRITICAL POC
9.3 Mar 17

Langflow (a visual LLM pipeline builder) contains a critical unauthenticated code execution vulnerability (CVE-2026-3301

CVE-2026-55255 HIGH POC
8.4 Jun 19

Cross-user flow execution in Langflow (< 1.9.1) lets any authenticated API-key holder run another user's flow by passing

Vendor StatusVendor

Share

CVE-2026-32874 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy