Description
DeepDiff is a project focused on Deep Difference and search of any Python data. From version 5.0.0 to before version 8.6.2, the pickle unpickler _RestrictedUnpickler validates which classes can be loaded but does not limit their constructor arguments. A few of the types in SAFE_TO_IMPORT have constructors that allocate memory proportional to their input (builtins.bytes, builtins.list, builtins.range). A 40-byte pickle payload can force 10+ GB of memory, which crashes applications that load delta objects or call pickle_load with untrusted data. This issue has been patched in version 8.6.2.
Published: 2026-03-20
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service via Memory Exhaustion
Action: Immediate Patch
AI Analysis

Impact

DeepDiff's deserialization routine can be misused with malicious pickles to fork constructors of built-in types that accept payload length, causing the program to allocate an extreme amount of memory. The result is a crash that denies service to legitimate users. The vulnerability stems from unchecked constructor arguments in the SAFE_TO_IMPORT classes, a classic CWE-400 style resource exhaustion bug.

Affected Systems

The issue affects the DeepDiff Python library, distributed by the vendor semperman, across every release from version 5.0.0 up to, but not including, 8.6.2. Applications that integrate DeepDiff and deserialize pickle data from untrusted sources are exposed.

Risk and Exploitability

With a CVSS score of 8.7 and an EPSS likelihood below 1 %, the vulnerability is high‑severity but not currently widely exploited. An attacker can remotely supply a crafted 40‑byte pickle payload to an application that loads or compares delta objects, triggering gigabyte‑scale memory allocation and a crash. The recent patch in 8.6.2 removes the unchecked constructor paths, mitigating the risk.

Generated by OpenCVE AI on April 14, 2026 at 21:09 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade DeepDiff to version 8.6.2 or later, which removes the unbounded constructor calls.
  • If upgrading is not immediately possible, strictly limit pickle deserialization to trusted data sources or replace the vulnerable library with a vetted alternative.

Generated by OpenCVE AI on April 14, 2026 at 21:09 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-54jj-px8x-5w5q DeepDiff has Memory Exhaustion DoS through SAFE_TO_IMPORT
History

Tue, 14 Apr 2026 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Qluster
Qluster deepdiff
Weaknesses CWE-770
CPEs cpe:2.3:a:qluster:deepdiff:*:*:*:*:*:*:*:*
Vendors & Products Qluster
Qluster deepdiff
Metrics cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H'}

 cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Tue, 24 Mar 2026 02:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 23 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-502
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate

Mon, 23 Mar 2026 10:00:00 +0000

Type Values Removed Values Added
First Time appeared Seperman
Seperman deepdiff
Vendors & Products Seperman
Seperman deepdiff

Fri, 20 Mar 2026 20:45:00 +0000

Type Values Removed Values Added
Description DeepDiff is a project focused on Deep Difference and search of any Python data. From version 5.0.0 to before version 8.6.2, the pickle unpickler _RestrictedUnpickler validates which classes can be loaded but does not limit their constructor arguments. A few of the types in SAFE_TO_IMPORT have constructors that allocate memory proportional to their input (builtins.bytes, builtins.list, builtins.range). A 40-byte pickle payload can force 10+ GB of memory, which crashes applications that load delta objects or call pickle_load with untrusted data. This issue has been patched in version 8.6.2.
Title DeepDiff has Memory Exhaustion DoS through SAFE_TO_IMPORT
Weaknesses CWE-400
References
Metrics cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Qluster Deepdiff
Seperman Deepdiff
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-24T02:03:16.623Z

Reserved: 2026-03-17T21:17:08.886Z

Link: CVE-2026-33155

cve-icon Vulnrichment

Updated: 2026-03-24T02:03:12.675Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-20T21:17:15.910

Modified: 2026-04-14T18:24:04.770

Link: CVE-2026-33155

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-03-20T20:25:53Z

Links: CVE-2026-33155 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-15T16:45:09Z

Weaknesses