CVE-2026-0994

N/A Unknown

📋 TL;DR

A denial-of-service vulnerability exists in Google's Protocol Buffers Python library where the max_recursion_depth limit can be bypassed when parsing nested google.protobuf.Any messages. This allows attackers to cause RecursionError crashes by supplying deeply nested structures, affecting any Python application using protobuf's json_format.ParseDict() function with untrusted input.

💻 Affected Systems

Products:
  • google.protobuf Python library
Versions: All versions before the fix in PR #25239
Operating Systems: All operating systems running Python
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects applications using json_format.ParseDict() with google.protobuf.Any messages and untrusted input. The vulnerability is in the parsing logic itself, not dependent on specific configurations.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete service unavailability due to RecursionError crashes, potentially leading to extended downtime and requiring service restarts.

🟠 Likely Case: Intermittent service disruptions when processing malicious payloads, causing degraded performance and potential data loss for in-flight requests.

🟢 If Mitigated: Minimal impact with proper input validation and recursion limits, though some performance degradation may occur during attack attempts.

🌐 Internet-Facing: HIGH - Any internet-facing service using vulnerable protobuf parsing with untrusted input is susceptible to DoS attacks.
🏢 Internal Only: MEDIUM - Internal services could be affected if they process untrusted data, but attack surface is more limited.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY - Simple to craft malicious payloads once the bypass technique is understood.
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW - Requires only crafting nested Any structures in JSON format.

Exploitation requires the ability to send input to the vulnerable ParseDict() function. No authentication or special privileges needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version containing PR #25239 fix (specific version number not provided in reference)

Vendor Advisory: https://github.com/protocolbuffers/protobuf/pull/25239

Restart Required: No

Instructions:
  1. Update the protobuf Python package to a version containing the PR #25239 fix
  2. Run: pip install --upgrade protobuf
  3. Verify the installed version with: pip show protobuf

🔧 Temporary Workarounds

Input validation and recursion limiting (platforms: all)
  • Implement custom input validation to limit nesting depth before passing input to ParseDict()
  • Implement custom JSON parsing with depth checking before calling ParseDict()

Rate limiting and request filtering (platforms: all)
  • Apply rate limiting and size restrictions to incoming requests containing JSON data
  • Configure the web server/API gateway to limit request size and rate

🧯 If You Can't Patch

  • Implement strict input validation to reject deeply nested JSON structures before they reach ParseDict()
  • Deploy WAF rules to block requests with excessive nesting in JSON payloads
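The depth check described under the workarounds and in the list above, as an added example that is not from the advisory or the protobuf project: a pre-filter that measures bracket nesting on the raw JSON text before json.loads() or ParseDict() ever recurse over it. MAX_NESTING_DEPTH, safe_load and the constructed build_nested_any sample are assumptions for illustration.

```python
import json

# Assumed policy value, not from the advisory: tune to the deepest message
# your own schemas legitimately produce.
MAX_NESTING_DEPTH = 64


def raw_json_max_depth(text: str) -> int:
    """Return the maximum {}/[] nesting depth of raw JSON text.

    Scans characters before json.loads() runs, so neither the JSON decoder
    nor ParseDict() recurses over an oversized payload. String literals and
    escapes are tracked so brackets inside strings are not counted.
    """
    depth = max_depth = 0
    in_string = escaped = False
    for ch in text:
        if in_string:
            if escaped:
                escaped = False
            elif ch == "\\":
                escaped = True
            elif ch == '"':
                in_string = False
        elif ch == '"':
            in_string = True
        elif ch in "{[":
            depth += 1
            max_depth = max(max_depth, depth)
        elif ch in "}]":
            depth -= 1
    return max_depth


def safe_load(text: str, limit: int = MAX_NESTING_DEPTH) -> dict:
    """Reject over-deep JSON, otherwise decode it for json_format.ParseDict()."""
    depth = raw_json_max_depth(text)
    if depth > limit:
        raise ValueError(f"JSON nesting depth {depth} exceeds limit {limit}")
    return json.loads(text)


def build_nested_any(levels: int) -> str:
    """Constructed sample input: an Any wrapping an Any, `levels` deep."""
    doc = '{"@type": "type.googleapis.com/google.protobuf.Empty"}'
    for _ in range(levels):
        doc = ('{"@type": "type.googleapis.com/google.protobuf.Any", '
               '"value": %s}' % doc)
    return doc
```

Pass the dict returned by safe_load() to json_format.ParseDict(); anything deeper than the limit is refused before the protobuf parser sees it.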

🔍 How to Verify

Check if Vulnerable:

Check whether the application passes untrusted input to google.protobuf.json_format.ParseDict() for messages that can contain google.protobuf.Any, and test it with nested Any structures

Check Version:

python -c "import google.protobuf; print(google.protobuf.__version__)"

Verify Fix Applied:

Re-run the nested payload that previously caused a RecursionError; after the fix it should be rejected or handled cleanly instead of crashing the process

📡 Detection & Monitoring

Log Indicators:

  • RecursionError exceptions in application logs
  • Stack trace containing google.protobuf.json_format
  • Sudden service restarts after processing JSON input

Network Indicators:

  • Large JSON payloads with repeated nested structures
  • Multiple rapid requests with similar JSON patterns

SIEM Query:

source="application.log" AND "RecursionError" AND "google.protobuf"
