
MessagePack-CSharp CVE-2026-48109

Severity: HIGH (8.2, CVSS 3.1, Vendor rating)
Weakness: Improper Input Validation (CWE-20)
Published: 2026-06-11
Vendor: https://github.com/MessagePack-CSharp/MessagePack-CSharp
Advisory: GHSA-hv8m-jj95-wg3x

Severity by source

Vendor (https://github.com/MessagePack-CSharp/MessagePack-CSharp), PRIMARY: 8.2 HIGH
CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

vuln.today AI: 6.5 MEDIUM

Rationale: Network-reachable and unauthenticated, but AC:H because the target must have opted into LZ4 compression on an untrusted-input path; low confidentiality from possible over-read, no integrity impact, high availability from process crash.

CVSS 3.1: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
CVSS 4.0: AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (https://github.com/MessagePack-CSharp/MessagePack-CSharp).

CVSS Vector (Vendor: https://github.com/MessagePack-CSharp/MessagePack-CSharp)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: High

Lifecycle Timeline

  • Source Code Evidence Fetched: Jun 11, 2026 - 21:21 (vuln.today)
  • Analysis Generated: Jun 11, 2026 - 21:21 (vuln.today)

Description (CVE.org)

Impact

A vulnerability exists in the optional LZ4 decompression path used by MessagePack compression modes Lz4Block and Lz4BlockArray.

The decoder implementation is based on a deprecated fast-decompression algorithm that does not take a source-length bound. A remote attacker can send a crafted MessagePack payload with manipulated LZ4 token/length fields to force out-of-bounds reads from the compressed input buffer. In affected environments, this can trigger an AccessViolationException during decompression, causing process termination (denial of service). Under some conditions, limited unintended memory disclosure from over-read data may also be possible before failure.

This issue affects applications that deserialize untrusted data while LZ4 compression is enabled.

Patches

The v2 versions are patched as of 2.5.301. The v3 versions are patched as of 3.1.7.

Workarounds

Instead of upgrading, an application may take the following precautions:

  1. Disable LZ4 compression for untrusted input paths (Lz4Block, Lz4BlockArray).
  2. Only accept compressed payloads from strongly trusted producers.
  3. Isolate deserialization in a separate process/container with restart supervision to limit availability impact.
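As an added example (not code from the advisory or from the MessagePack-CSharp project), the following C# applies workaround 1 to a service that has both an untrusted client-facing path and a trusted internal path. The `TelemetryEvent` type, the `SafeDeserializer` class and its method names are assumptions for illustration; `MessagePackSerializerOptions`, `MessagePackCompression`, `MessagePackSecurity` and `MessagePackSerializer.Deserialize` are the library's own API.

```csharp
using System;
using MessagePack;

// Added example, not from the advisory or the MessagePack-CSharp project.
// Shows workaround 1: keep LZ4 decompression disabled on the code path that
// deserializes untrusted input, while a trusted internal path may keep it.
// TelemetryEvent and SafeDeserializer are illustrative names (assumption).

[MessagePackObject]
public class TelemetryEvent
{
    [Key(0)] public string Source { get; set; } = string.Empty;
    [Key(1)] public long Timestamp { get; set; }
}

public static class SafeDeserializer
{
    // Affected configuration: Lz4BlockArray (or Lz4Block) enables the LZ4
    // decompression path described in CVE-2026-48109. Only acceptable for
    // payloads from strongly trusted producers (workaround 2).
    public static readonly MessagePackSerializerOptions TrustedOptions =
        MessagePackSerializerOptions.Standard
            .WithCompression(MessagePackCompression.Lz4BlockArray);

    // Hardened configuration for untrusted input: compression None means the
    // serializer never enters the LZ4 decoder for these payloads, and the
    // UntrustedData security profile adds the library's depth/hash hardening.
    public static readonly MessagePackSerializerOptions UntrustedOptions =
        MessagePackSerializerOptions.Standard
            .WithCompression(MessagePackCompression.None)
            .WithSecurity(MessagePackSecurity.UntrustedData);

    // Client-facing endpoints (WebSocket, HTTP, gRPC-over-MessagePack) use this.
    public static TelemetryEvent FromUntrustedClient(ReadOnlyMemory<byte> payload) =>
        MessagePackSerializer.Deserialize<TelemetryEvent>(payload, UntrustedOptions);

    // Internal peers that the service fully trusts may keep compression on.
    public static TelemetryEvent FromTrustedPeer(ReadOnlyMemory<byte> payload) =>
        MessagePackSerializer.Deserialize<TelemetryEvent>(payload, TrustedOptions);

    public static void Main()
    {
        var evt = new TelemetryEvent { Source = "sensor-7", Timestamp = 1718140800 };

        // Constructed sample: an LZ4-compressed payload as a trusted peer would send it.
        byte[] compressed = MessagePackSerializer.Serialize(evt, TrustedOptions);
        Console.WriteLine($"trusted path: {FromTrustedPeer(compressed).Source}");

        // The same bytes arriving on the untrusted path are not decompressed:
        // the reader meets an extension block where it expects the object and
        // the call fails with MessagePackSerializationException, never reaching
        // the LZ4 decoder. The uncompressed form still deserializes normally.
        try
        {
            FromUntrustedClient(compressed);
            Console.WriteLine("untrusted path: unexpectedly accepted compressed input");
        }
        catch (MessagePackSerializationException ex)
        {
            Console.WriteLine($"untrusted path rejected compressed input: {ex.Message}");
        }

        byte[] plain = MessagePackSerializer.Serialize(evt, UntrustedOptions);
        Console.WriteLine($"untrusted path: {FromUntrustedClient(plain).Source}");
    }
}
```

The key point is that the options object passed to `Deserialize` decides whether the LZ4 path is entered at all; a process-wide default such as `MessagePackSerializer.DefaultOptions` set to an LZ4 mode silently affects every call that omits explicit options, so audit those call sites too.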

Resources

  • MESSAGEPACKCSHARP-010

Analysis (AI)

Denial-of-service in MessagePack-CSharp's optional LZ4 decompression path (Lz4Block and Lz4BlockArray modes) allows remote unauthenticated attackers to crash .NET applications that deserialize untrusted MessagePack payloads. A crafted payload with manipulated LZ4 token/length fields triggers an out-of-bounds read raising an AccessViolationException, and may also leak limited adjacent memory before the process dies. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Identify endpoint accepting MessagePack input
Delivery: Craft payload with oversized LZ4 length token
Exploit: Send payload to deserialization endpoint
Execution: Decoder reads past compressed buffer
Persist: AccessViolationException terminates worker process
Impact: Repeat to sustain denial of service

Vulnerability Assessment (AI)

Exploitation: Exploitation requires that the target .NET application deserialize attacker-supplied MessagePack data using the Lz4Block or Lz4BlockArray compression modes - applications using MessagePack without LZ4 compression enabled are not affected. … Additional conditions and limiting factors are described in the full assessment.

Risk Assessment: The provided CVSS:3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H (base 8.2) reflects a network-reachable, unauthenticated DoS with low confidentiality impact from possible over-read disclosure - realistic for any service that deserializes MessagePack from clients with LZ4 enabled. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.

Exploit Scenario: An attacker submits a single crafted MessagePack payload - for example to a public WebSocket, gRPC-over-MessagePack, or HTTP API endpoint that uses MessagePack with LZ4 compression - in which the LZ4 token's literal-length or match-length field encodes a value larger than the remaining compressed bytes. During decompression the decoder dereferences past the source buffer, raising an AccessViolationException that tears down the worker process and denies service to all in-flight users. …

Remediation: Vendor-released patch: upgrade MessagePack to 2.5.301 on the v2 branch or 3.1.7 on the v3 branch, per advisory GHSA-hv8m-jj95-wg3x (https://github.com/MessagePack-CSharp/MessagePack-CSharp/security/advisories/GHSA-hv8m-jj95-wg3x). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended Action (AI)

Within 24 hours: Inventory .NET applications using MessagePack-CSharp with LZ4 decompression (Lz4Block or Lz4BlockArray modes) that process untrusted input. …




CVE-2026-48109 vulnerability details – vuln.today
