{"id":"PYSEC-2026-1806","summary":"protobuf-python has a potential Denial of Service issue","details":"### Summary\nAny project that uses Protobuf pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of **recursive groups**, **recursive messages** or **a series of [`SGROUP`](https://protobuf.dev/programming-guides/encoding/#groups) tags** can be corrupted by exceeding the Python recursion limit.\n\nReporter: Alexis Challande, Trail of Bits Ecosystem Security Team\n[ecosystem@trailofbits.com](mailto:ecosystem@trailofbits.com)\n\nAffected versions: This issue only affects the [pure-Python implementation](https://github.com/protocolbuffers/protobuf/tree/main/python#implementation-backends) of protobuf-python backend. This is the implementation when `PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION=python` environment variable is set or the default when protobuf is used from Bazel or pure-Python PyPi wheels. CPython PyPi wheels do not use pure-Python by default.\n\nThis is a Python variant of a [previous issue affecting protobuf-java](https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8).\n\n### Severity\nThis is a potential Denial of Service. Parsing nested protobuf data creates unbounded recursions that can be abused by an attacker.\n\n### Proof of Concept\nFor reproduction details, please refer to the unit tests [decoder_test.py](https://github.com/protocolbuffers/protobuf/blob/main/python/google/protobuf/internal/decoder_test.py#L87-L98) and [message_test](https://github.com/protocolbuffers/protobuf/blob/main/python/google/protobuf/internal/message_test.py#L1436-L1478)\n\n### Remediation and Mitigation\nA mitigation is available now. Please update to the latest available versions of the following packages:\n* protobuf-python(4.25.8, 5.29.5, 6.31.1)","aliases":["CVE-2025-4565","GHSA-8qvm-5x2c-j2w7"],"modified":"2026-07-07T17:48:07.186137733Z","published":"2026-07-07T16:02:55.431384Z","references":[{"type":"WEB","url":"https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8"},{"type":"WEB","url":"https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-8qvm-5x2c-j2w7"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-4565"},{"type":"WEB","url":"https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901"},{"type":"PACKAGE","url":"https://github.com/protocolbuffers/protobuf"},{"type":"WEB","url":"https://github.com/protocolbuffers/protobuf/blob/main/python/google/protobuf/internal/decoder_test.py#L87-L98"},{"type":"WEB","url":"https://github.com/protocolbuffers/protobuf/blob/main/python/google/protobuf/internal/message_test.py#L1436-L1478"},{"type":"WEB","url":"https://github.com/protocolbuffers/protobuf/tree/main/python#implementation-backends"},{"type":"PACKAGE","url":"https://pypi.org/project/protobuf"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-8qvm-5x2c-j2w7"}],"affected":[{"package":{"name":"protobuf","ecosystem":"PyPI","purl":"pkg:pypi/protobuf"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.25.8"},{"introduced":"5.26.0rc1"},{"fixed":"5.29.5"},{"introduced":"6.30.0rc1"},{"fixed":"6.31.1"}]}],"versions":["2.0.0beta","2.0.3","2.3.0","2.4.1","2.5.0","2.6.0","2.6.1","3.0.0","3.0.0a2","3.0.0a3","3.0.0b1","3.0.0b1.post1","3.0.0b1.post2","3.0.0b2","3.0.0b2.post1","3.0.0b2.post2","3.0.0b3","3.0.0b4","3.1.0","3.1.0.post1","3.10.0","3.10.0rc1","3.11.0","3.11.0rc1","3.11.0rc2","3.11.1","3.11.2","3.11.3","3.12.0","3.12.0rc1","3.12.0rc2","3.12.1","3.12.2","3.12.4","3.13.0","3.13.0rc3","3.14.0","3.14.0rc1","3.14.0rc2","3.14.0rc3","3.15.0","3.15.0rc1","3.15.0rc2","3.15.1","3.15.2","3.15.3","3.15.4","3.15.5","3.15.6","3.15.7","3.15.8","3.16.0","3.16.0rc1","3.16.0rc2","3.17.0","3.17.0rc1","3.17.0rc2","3.17.1","3.17.2","3.17.3","3.18.0","3.18.0rc1","3.18.0rc2","3.18.1","3.18.3","3.19.0","3.19.0rc1","3.19.0rc2","3.19.1","3.19.2","3.19.3","3.19.4","3.19.5","3.19.6","3.2.0","3.2.0rc1","3.2.0rc1.post1","3.2.0rc2","3.20.0","3.20.0rc1","3.20.0rc2","3.20.1","3.20.1rc1","3.20.2","3.20.3","3.3.0","3.4.0","3.5.0.post1","3.5.1","3.5.2","3.5.2.post1","3.6.0","3.6.1","3.7.0","3.7.0rc2","3.7.0rc3","3.7.1","3.8.0","3.8.0rc1","3.9.0","3.9.0rc1","3.9.1","3.9.2","4.0.0rc1","4.0.0rc2","4.21.0","4.21.0rc1","4.21.0rc2","4.21.1","4.21.10","4.21.11","4.21.12","4.21.2","4.21.3","4.21.4","4.21.5","4.21.6","4.21.7","4.21.8","4.21.9","4.22.0","4.22.0rc1","4.22.0rc2","4.22.0rc3","4.22.1","4.22.3","4.22.4","4.22.5","4.23.0","4.23.0rc2","4.23.0rc3","4.23.1","4.23.2","4.23.3","4.23.4","4.24.0","4.24.0rc1","4.24.0rc2","4.24.0rc3","4.24.1","4.24.2","4.24.3","4.24.4","4.25.0","4.25.0rc1","4.25.0rc2","4.25.1","4.25.2","4.25.3","4.25.4","4.25.5","4.25.6","4.25.7","5.26.0","5.26.0rc1","5.26.0rc2","5.26.0rc3","5.26.1","5.27.0","5.27.0rc1","5.27.0rc2","5.27.0rc3","5.27.1","5.27.2","5.27.3","5.27.4","5.27.5","5.28.0","5.28.0rc1","5.28.0rc2","5.28.0rc3","5.28.1","5.28.2","5.28.3","5.29.0","5.29.0rc1","5.29.0rc2","5.29.0rc3","5.29.1","5.29.2","5.29.3","5.29.4","6.30.0","6.30.0rc1","6.30.0rc2","6.30.1","6.30.2","6.31.0","6.31.0rc1","6.31.0rc2"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/protobuf/PYSEC-2026-1806.yaml"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}]}