Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-47184
PUBLISHED
More InfoOfficial Page
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
View Known Exploited Vulnerability (KEV) details
Published At-17 Jul, 2026 | 18:25
Updated At-17 Jul, 2026 | 18:25
Rejected At-
▼CVE Numbering Authority (CNA)
Zeroconf: Unbounded DNS record cache allows LAN-local memory exhaustion via multicast flood

Zeroconf is a pure Python implementation of multicast DNS service discovery. Prior to 0.149.7, DNSCache._async_add inserted every response record into cache, _expirations, _expire_heap, and service_cache without a cap, allowing unauthenticated hosts on the local link over UDP/5353 (224.0.0.251 / ff02::fb) to multicast valid mDNS responses with unique names and cause memory exhaustion, slower cache lookups, slower async_expire passes, and broken discovery, registration, and ServiceBrowser callbacks. This issue is fixed in version 0.149.7.

Affected Products
Vendor
python-zeroconf
Product
python-zeroconf
Versions
Affected
  • < 0.149.7
Problem Types
TypeCWE IDDescription
CWECWE-770CWE-770: Allocation of Resources Without Limits or Throttling
Type: CWE
CWE ID: CWE-770
Description: CWE-770: Allocation of Resources Without Limits or Throttling
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/python-zeroconf/python-zeroconf/security/advisories/GHSA-rfg2-pjw2-56x2
x_refsource_CONFIRM
https://github.com/python-zeroconf/python-zeroconf/issues/1715
x_refsource_MISC
https://github.com/python-zeroconf/python-zeroconf/pull/1718
x_refsource_MISC
https://github.com/python-zeroconf/python-zeroconf/commit/0ad3f37b5b852b8f614d322283d148efb2cef6e4
x_refsource_MISC
https://github.com/python-zeroconf/python-zeroconf/releases/tag/0.149.7
x_refsource_MISC
Hyperlink: https://github.com/python-zeroconf/python-zeroconf/security/advisories/GHSA-rfg2-pjw2-56x2
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/python-zeroconf/python-zeroconf/issues/1715
Resource:
x_refsource_MISC
Hyperlink: https://github.com/python-zeroconf/python-zeroconf/pull/1718
Resource:
x_refsource_MISC
Hyperlink: https://github.com/python-zeroconf/python-zeroconf/commit/0ad3f37b5b852b8f614d322283d148efb2cef6e4
Resource:
x_refsource_MISC
Hyperlink: https://github.com/python-zeroconf/python-zeroconf/releases/tag/0.149.7
Resource:
x_refsource_MISC
Details not found