python-socketio
CVE-2026-48804
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Remotely reachable binary path with no auth in vulnerable versions (AV:N/AC:L/PR:N/UI:N), availability-only memory exhaustion (A:H), no confidentiality or integrity impact and no scope change.
Primary rating from GitHub Advisory.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
2Blast Radius
ecosystem impact- 7 pypi packages depend on python-socketio (3 direct, 4 indirect)
Ecosystem-wide dependent count for version 5.16.2.
DescriptionGitHub Advisory
Impact
The python-socketio server stores binary EVENT and ACK messages in memory while it waits to receive their binary attachments. Once all the attachments are received, these messages are then processed. An attacker can submit a binary message and intentionally omit sending one or more of its attachments to cause the message along with the partial list of received attachments to stay in memory for a long time.
Patches
Version 5.16.2 takes the following measures to address this issue:
- Binary packets are only accepted from authenticated clients.
- When a client disconnects, the server checks if there is a partial binary message being held for the client and deletes it.
Articles & Coverage 1
AnalysisAI
Memory-exhaustion denial of service in the python-socketio server (Socket.IO for Python, versions <= 5.16.1) lets remote clients pin server memory by sending binary EVENT or ACK packets while deliberately withholding one or more of the declared binary attachments. Because the server buffers the partial message and its received attachments in memory until all attachments arrive, an attacker can repeatedly open such incomplete messages to grow memory consumption unbounded and exhaust server resources. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires that the server accept binary EVENT or ACK messages from the attacker - in vulnerable versions (<= 5.16.1) this path is reachable without authentication, which is why the 5.16.2 fix limits binary packets to authenticated clients. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, base 7.5) reflects a remotely reachable, low-complexity, availability-only impact with no confidentiality or integrity loss - consistent with a resource-exhaustion DoS rather than data compromise. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker connects to an internet-facing python-socketio server and emits a binary EVENT packet declaring multiple attachments but sends only some (or none) of the attachment frames, then opens many such connections and repeats. Each incomplete message and its buffered attachments remain resident in server memory, and with enough concurrent partial messages the worker's memory is exhausted, degrading or crashing the service. … |
| Remediation | Upgrade to python-socketio 5.16.2 (Vendor-released patch: 5.16.2), which only accepts binary packets from authenticated clients and deletes any partially received binary message held for a client when that client disconnects; install via pip install --upgrade python-socketio and pin >=5.16.2 in dependency manifests. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
24 hours: Inventory all systems running python-socketio <= 5.16.1 and map affected services to business criticality. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Wazuh SIEM platform versions 4.4.0 through 4.9.0 contain an unsafe deserialization vulnerability in the DistributedAPI t
BentoML version 1.4.2 and earlier contains an unauthenticated remote code execution vulnerability through insecure deser
pgAdmin 4 contains critical remote code execution vulnerabilities in the Query Tool download and Cloud Deployment endpoi
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Rated critica
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCiph
pyLoad download manager version prior to 0.5.0b3.dev77 exposes the Flask SECRET_KEY through an unauthenticated endpoint.
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and conse
Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/
pyLoad is the free and open-source Download Manager written in pure Python. Rated medium severity (CVSS 5.3), this vulne
Langflow (a visual LLM pipeline builder) contains a critical unauthenticated code execution vulnerability (CVE-2026-3301
Cross-user flow execution in Langflow (< 1.9.1) lets any authenticated API-key holder run another user's flow by passing
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-5w7q-77mv-v69f