Skip to main content

python-zeroconf CVE-2026-47180

MEDIUM
Uncontrolled Recursion (CWE-674)
2026-05-29 https://github.com/python-zeroconf/python-zeroconf GHSA-9pgc-3ccv-5297
6.5
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
6.5 MEDIUM
AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Source Code Evidence Fetched
May 29, 2026 - 20:37 vuln.today
Analysis Generated
May 29, 2026 - 20:37 vuln.today
CVE Published
May 29, 2026 - 20:09 nvd
MEDIUM 6.5

DescriptionGitHub Advisory

Impact

DNSIncoming._decode_labels_at_offset recurses once per DNS-name compression pointer (RFC 1035 §4.1.4). Pointer cycles and label counts were capped, but the chain length of unique forward pointers was not. A single ~3 kB mDNS packet carrying ~1500 chained pointers drives the recursion past CPython's default limit, and RecursionError was not listed in DECODE_EXCEPTIONS, so it escaped DNSIncoming.__init__ and was logged by asyncio's default exception handler.

Any unauthenticated host on the local link (UDP/5353, 224.0.0.251 / ff02::fb) can degrade the mDNS listener; that includes a guest on the same Wi-Fi, a compromised IoT device, or a container on a shared bridge. Replaying at a few hertz produces sustained CPU burn and log flooding, and mDNS-dependent features (HomeKit, Chromecast/Matter, AirPlay, printers) degrade while the attack is in flight.

Patches

Fixed in zeroconf 0.149.5 (PR #1719). Upgrade to >= 0.149.5.

Workarounds

There is no in-process workaround; upgrading is the fix. Otherwise, restrict mDNS (UDP/5353) to trusted Layer-2 segments via AP client isolation, guest-network separation, or host firewall rules.

Resources

AnalysisAI

Uncontrolled recursion in python-zeroconf's mDNS DNS name decoder (versions < 0.149.5) allows any unauthenticated host on the local link to crash or degrade the mDNS listener with a single ~3 kB packet. The _decode_labels_at_offset method recurses once per DNS compression pointer (RFC 1035 §4.1.4) with no cap on unique forward-pointer chain depth; a packet carrying ~1500 chained pointers overflows CPython's default call stack, and because RecursionError was omitted from DECODE_EXCEPTIONS, the exception escaped DNSIncoming.__init__ rather than being handled gracefully. Replaying at a few hertz produces sustained CPU burn, log flooding, and degradation of all mDNS-dependent services (HomeKit, Chromecast/Matter, AirPlay, network printers); no public exploit identified at time of analysis, but the attack is trivially constructible from the published advisory and test fixture in PR #1719.

Technical ContextAI

The affected component is the pure-Python (and optionally Cython-compiled) mDNS/Zeroconf implementation zeroconf distributed via PyPI (CPE: pkg:pip/zeroconf < 0.149.5). The library implements RFC 6762 Multicast DNS and RFC 1035 DNS wire format parsing. DNS name compression (RFC 1035 §4.1.4) allows labels to be represented as 2-byte pointers to other offsets in the same packet; the decoder _decode_labels_at_offset followed each pointer with a recursive call. Pointer cycles were guarded by a seen_pointers set, and label counts were capped, but the total depth of unique forward-pointer chains - which can be arbitrarily long without cycling - was never bounded. CWE-674 (Uncontrolled Recursion) is the root cause: the recursion depth grows linearly with the number of unique pointers in the packet, and CPython's default sys.setrecursionlimit (typically 1000) is easily exceeded by a chain of ~1500 pointers embedded in a ~3 kB UDP datagram. The compounding defect was that RecursionError was not included in the tuple DECODE_EXCEPTIONS, so instead of being caught and marking the packet invalid, it propagated to asyncio's uncaught-exception handler, leaving the listener in an inconsistent state.

RemediationAI

Upgrade the zeroconf PyPI package to version 0.149.5 or later (pip install 'zeroconf>=0.149.5'). The fix, confirmed in PR #1719 (https://github.com/python-zeroconf/python-zeroconf/pull/1719), applies two changes: it adds a depth parameter to _decode_labels_at_offset and raises IncomingDecodeError when the chain exceeds MAX_DNS_LABELS, and it adds RecursionError to DECODE_EXCEPTIONS so any bypass of the depth check is also caught cleanly. There is no in-process workaround per the vendor advisory. If upgrading immediately is not possible, restrict mDNS traffic at the network boundary: enable AP client isolation on Wi-Fi access points to prevent station-to-station UDP traffic on port 5353; apply host firewall rules (e.g., iptables -A INPUT -p udp --dport 5353 ! -i lo -j DROP on trusted-interface-only setups) to block mDNS from untrusted interfaces; and separate guest or IoT VLANs from production segments. Note that blocking UDP/5353 will break all mDNS-dependent service discovery (HomeKit, AirPlay, Chromecast/Matter, Bonjour printers) on the restricted segments - this is an availability trade-off that must be evaluated per deployment.

More in Python

View all
CVE-2025-24016 CRITICAL POC
9.9 Feb 10

Wazuh SIEM platform versions 4.4.0 through 4.9.0 contain an unsafe deserialization vulnerability in the DistributedAPI t

CVE-2025-27520 CRITICAL POC
9.8 Apr 04

BentoML version 1.4.2 and earlier contains an unauthenticated remote code execution vulnerability through insecure deser

CVE-2025-2945 CRITICAL POC
9.9 Apr 03

pgAdmin 4 contains critical remote code execution vulnerabilities in the Query Tool download and Cloud Deployment endpoi

CVE-2013-5093 MEDIUM POC
6.8 Sep 27

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python

CVE-2025-32375 CRITICAL POC
9.8 Apr 09

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Rated critica

CVE-2014-0224 HIGH POC
7.4 Jun 05

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCiph

CVE-2024-21644 HIGH POC
7.5 Jan 08

pyLoad download manager version prior to 0.5.0b3.dev77 exposes the Flask SECRET_KEY through an unauthenticated endpoint.

CVE-2017-9462 HIGH POC
8.8 Jun 06

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and conse

CVE-2026-39987 CRITICAL POC
9.3 Apr 08

Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/

CVE-2024-21645 MEDIUM POC
5.3 Jan 08

pyLoad is the free and open-source Download Manager written in pure Python. Rated medium severity (CVSS 5.3), this vulne

CVE-2026-33017 CRITICAL POC
9.3 Mar 17

Langflow (a visual LLM pipeline builder) contains a critical unauthenticated code execution vulnerability (CVE-2026-3301

CVE-2026-55255 HIGH POC
8.4 Jun 19

Cross-user flow execution in Langflow (< 1.9.1) lets any authenticated API-key holder run another user's flow by passing

Vendor StatusVendor

SUSE

Severity: Moderate

Share

CVE-2026-47180 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy