ROOT-APP-PYPI-CVE-2026-0994 CVE-2026-0994 in rootio-protobuf - Patched by Root

Root has patched CVE-2026-0994 in the rootio-protobuf package for Root:PyPI. Multiple fixed versions available...

EulerOS 2.0 SP11 : linux-sgx (EulerOS-SA-2026-2216)

According to the versions of the linux-sgx packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypass...

EulerOS 2.0 SP11 : protobuf (EulerOS-SA-2026-2223)

According to the versions of the protobuf packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypasse...

EulerOS Virtualization 2.13.1 : protobuf (EulerOS-SA-2026-2143)

According to the versions of the protobuf packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit...

EulerOS Virtualization 2.10.1 : protobuf (EulerOS-SA-2026-2032)

According to the versions of the protobuf packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit...

EulerOS Virtualization 2.10.0 : protobuf (EulerOS-SA-2026-2059)

According to the versions of the protobuf packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses protobuf-4.25.3-cp37-abi3-manylinux2014_x86_64.whl, protobuf-6.33.4-cp39-abi3-manylinux2014_x86_64.whl which is vulnerable to CVE-2026-0994

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses Security Bulletin: IBM Maximo Application Suite - Monitor Component uses protobuf-4.25.3-cp37-abi3-manylinux2014x8664.whl, protobuf-6.33.4-cp39-abi3-manylinux2014x8664.whl which is vulnerable to CVE-2026-0994.This...

Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes...

Security Bulletin: Vulnerability in google.protobuf with IBM Fusion, IBM Fusion HCI and Content-Aware Storage.

Summary IBM Fusion, IBM Fusion HCI and Content-Aware Storage includes google.protobuf, which could cause denial-of-service DoS vulnerability. CVE-2026-0994. Vulnerability Details CVEID:CVE-2026-0994 DESCRIPTION: A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict ...

Photon OS 5.0: Protobuf PHSA-2026-5.0-0825

An update of the protobuf package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0825. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a Denial of Service in google.protobuf [CVE-2026-0994]

Summary IBM Watson Speech Services Cartridge is vulnerable to a Denial of Service in google.protobuf, due to an issue that allows maxrecursiondepth limit to be bypassed when parsing nested google.protobuf.Any messages. CVE-2026-0994. Google.protobuf is used in our speech service runtimes. This...

TencentOS Server 4: protobuf (TSSA-2026:0093)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0093 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

MiracleLinux 9 : protobuf-3.14.0-17.el9_7 (AXSA:2026-235:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-235:01 advisory. python: protobuf: Protobuf: Denial of Service due to recursion depth bypass CVE-2026-0994 Tenable has extracted the preceding description block directly from...

Ubuntu: Security Advisory (USN-8063-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2026-1432 protobuf security update

Security Fixes: A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an...

RHEL 10 : protobuf (RHSA-2026:3218)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3218 advisory. The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet...

RHEL 9 : protobuf (RHSA-2026:3219)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3219 advisory. The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet...

RockyLinux 9 : protobuf (RLSA-2026:3095)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:3095 advisory. python: protobuf: Protobuf: Denial of Service due to recursion depth bypass CVE-2026-0994 Tenable has extracted the preceding description block directly from the...

protobuf security update

An update is available for protobuf. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The protobuf packages provide Protocol Buffers, Google's data interchange...

Important: Red Hat Security Advisory: protobuf security update

An update for protobuf is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...