Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-48487

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-17 Jul, 2026 | 18:28
Updated At-17 Jul, 2026 | 18:28
Rejected At-
Credits

Zeroconf: Unvalidated rdlength in record payload readers allows LAN-local cache corruption via crafted mDNS packet

Zeroconf is a pure Python implementation of multicast DNS service discovery. Prior to 0.149.16, _read_character_string and _read_string in src/zeroconf/_protocol/incoming.py advanced self.offset by attacker-declared RDLENGTH without checking it against self._data_len, allowing unauthenticated hosts on the local link over UDP/5353 (224.0.0.251 / ff02::fb) to send a TXT, HINFO, or A/AAAA record with rdlength=65535 and seed DNSCache and ServiceInfo.properties with truncated, attacker-shaped key/value or address records. This issue is fixed in version 0.149.16.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:17 Jul, 2026 | 18:28
Updated At:17 Jul, 2026 | 18:28
Rejected At:
▼CVE Numbering Authority (CNA)
Zeroconf: Unvalidated rdlength in record payload readers allows LAN-local cache corruption via crafted mDNS packet

Zeroconf is a pure Python implementation of multicast DNS service discovery. Prior to 0.149.16, _read_character_string and _read_string in src/zeroconf/_protocol/incoming.py advanced self.offset by attacker-declared RDLENGTH without checking it against self._data_len, allowing unauthenticated hosts on the local link over UDP/5353 (224.0.0.251 / ff02::fb) to send a TXT, HINFO, or A/AAAA record with rdlength=65535 and seed DNSCache and ServiceInfo.properties with truncated, attacker-shaped key/value or address records. This issue is fixed in version 0.149.16.

Affected Products
Vendor
python-zeroconf
Product
python-zeroconf
Versions
Affected
  • < 0.149.16
Problem Types
TypeCWE IDDescription
CWECWE-130CWE-130: Improper Handling of Length Parameter Inconsistency
Type: CWE
CWE ID: CWE-130
Description: CWE-130: Improper Handling of Length Parameter Inconsistency
Metrics
VersionBase scoreBase severityVector
4.05.3MEDIUM
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/python-zeroconf/python-zeroconf/security/advisories/GHSA-qc2x-6f54-m6h9
x_refsource_CONFIRM
https://github.com/python-zeroconf/python-zeroconf/issues/1752
x_refsource_MISC
https://github.com/python-zeroconf/python-zeroconf/pull/1756
x_refsource_MISC
https://github.com/python-zeroconf/python-zeroconf/commit/544449596e645fcaad3834fa0cb614a54f847a82
x_refsource_MISC
https://github.com/python-zeroconf/python-zeroconf/releases/tag/0.149.16
x_refsource_MISC
Hyperlink: https://github.com/python-zeroconf/python-zeroconf/security/advisories/GHSA-qc2x-6f54-m6h9
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/python-zeroconf/python-zeroconf/issues/1752
Resource:
x_refsource_MISC
Hyperlink: https://github.com/python-zeroconf/python-zeroconf/pull/1756
Resource:
x_refsource_MISC
Hyperlink: https://github.com/python-zeroconf/python-zeroconf/commit/544449596e645fcaad3834fa0cb614a54f847a82
Resource:
x_refsource_MISC
Hyperlink: https://github.com/python-zeroconf/python-zeroconf/releases/tag/0.149.16
Resource:
x_refsource_MISC
Information is not available yet

Similar CVEs

0Records found

Details not found