Python Zeroconf
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-47184 | 0.00 | — | — | May 29, 2026 | ### Impact `DNSCache._async_add` inserted every response record into `cache`, `_expirations`, `_expire_heap`, and `service_cache` with no cap on entry count. The only pre-existing protection was a PTR TTL floor (`_DNS_PTR_MIN_TTL = 1125` s, RFC 6762 §10), which actually… | |||
| CVE-2026-47183 | 0.00 | — | — | May 29, 2026 | ### Impact `DNSIncoming._log_exception_debug` and the four `QuietLogger` exception-dedup methods stored an unbounded `_seen_logs` dict keyed by `str(sys.exc_info()[1])`. The seven `IncomingDecodeError` messages raised from `_read_name` / `_decode_labels_at_offset` (RFC 6762 §18… | |||
| CVE-2026-47180 | 0.00 | — | — | May 29, 2026 | ### Impact `DNSIncoming._decode_labels_at_offset` recurses once per DNS-name compression pointer (RFC 1035 §4.1.4). Pointer cycles and label counts were capped, but the chain length of unique forward pointers was not. A single ~3 kB mDNS packet carrying ~1500 chained pointers… |
- CVE-2026-47184May 29, 2026risk 0.00cvss —epss —
### Impact `DNSCache._async_add` inserted every response record into `cache`, `_expirations`, `_expire_heap`, and `service_cache` with no cap on entry count. The only pre-existing protection was a PTR TTL floor (`_DNS_PTR_MIN_TTL = 1125` s, RFC 6762 §10), which actually…
- CVE-2026-47183May 29, 2026risk 0.00cvss —epss —
### Impact `DNSIncoming._log_exception_debug` and the four `QuietLogger` exception-dedup methods stored an unbounded `_seen_logs` dict keyed by `str(sys.exc_info()[1])`. The seven `IncomingDecodeError` messages raised from `_read_name` / `_decode_labels_at_offset` (RFC 6762 §18…
- CVE-2026-47180May 29, 2026risk 0.00cvss —epss —
### Impact `DNSIncoming._decode_labels_at_offset` recurses once per DNS-name compression pointer (RFC 1035 §4.1.4). Pointer cycles and label counts were capped, but the chain length of unique forward pointers was not. A single ~3 kB mDNS packet carrying ~1500 chained pointers…