PT-2026-26202 · Deepdiff · Deepdiff

Am-Periphery · Published 2026-03-18 · Updated 2026-03-26 · CVE-2026-33155

CVSS v4.0: 8.7 (High)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: DeepDiff versions 5.0.0 through 8.6.1

Description: DeepDiff is a Python project for deep difference and search of data. The pickle unpickler RestrictedUnpickler validates which classes can be loaded but does not limit their constructor arguments. Certain types within SAFE_TO_IMPORT (such as builtins.bytes, builtins.list, and builtins.range) have constructors that allocate memory proportional to their input. A small, 40-byte pickle payload can trigger the allocation of over 10 GB of memory, potentially crashing applications that load delta objects or use pickle.load with untrusted data. This can be exploited in two ways: during pickle load, by calling bytes(N) with a large N, or during delta application, by manipulating values and types. The amplification factor can be significant, reaching up to 2,000,000x. This issue results in a denial of service.

Recommendations: DeepDiff versions prior to 8.6.2 are affected. Update to DeepDiff version 8.6.2 or later.
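As an added illustration of the weakness described above (this is not DeepDiff's code; the allow-list, the size cap and the input class are assumed), a name-only restricted unpickler is shown beside one that also bounds the integer arguments REDUCE may pass to an allowed constructor, exercised on a constructed pickle that requests bytes(n):

```python
import io
import pickle

# Assumed allow-list in the style of the stdlib "restricting globals" recipe;
# it is not DeepDiff's own SAFE_TO_IMPORT or its RestrictedUnpickler.
SAFE_TO_IMPORT = {("builtins", "bytes"), ("builtins", "list"), ("builtins", "range")}
MAX_SIZE_ARG = 1_000_000  # constructed policy: largest int a wrapped constructor accepts

class NameOnlyUnpickler(pickle.Unpickler):
    """Checks the global's name only: a REDUCE of bytes(N) still allocates N bytes."""
    def find_class(self, module, name):
        if (module, name) in SAFE_TO_IMPORT:
            return getattr(__import__(module), name)
        raise pickle.UnpicklingError(f"forbidden global {module}.{name}")

def bounded(ctor):
    """Wrap an allowed callable so oversized ints are refused before REDUCE calls it."""
    def guarded(*args, **kwargs):
        for a in args:
            if isinstance(a, int) and not isinstance(a, bool) and abs(a) > MAX_SIZE_ARG:
                raise pickle.UnpicklingError(
                    f"{ctor.__name__} argument {a} exceeds MAX_SIZE_ARG={MAX_SIZE_ARG}")
        return ctor(*args, **kwargs)
    return guarded

class BoundedUnpickler(NameOnlyUnpickler):
    """Same allow-list, but every global handed to REDUCE is size-bounded."""
    def find_class(self, module, name):
        return bounded(super().find_class(module, name))

class BytesOfSize:
    """Constructed input: pickles to a call of bytes(n), the shape the advisory describes."""
    def __init__(self, n):
        self.n = n
    def __reduce__(self):
        return (bytes, (self.n,))

def load_with(unpickler_cls, data):
    return unpickler_cls(io.BytesIO(data)).load()

def demo():
    # 4 KiB is within policy; a 10**8-byte request is refused before any allocation.
    small, big = pickle.dumps(BytesOfSize(4096)), pickle.dumps(BytesOfSize(10**8))
    accepted = len(load_with(BoundedUnpickler, small))
    try:
        load_with(BoundedUnpickler, big)
        return accepted, False
    except pickle.UnpicklingError:
        return accepted, True
```

The wrapper replaces the global object that find_class returns, so a pickle that stores an allowed type as a plain value (rather than calling it) would receive the wrapper instead; a cap on total bytes produced during a load is the complementary control for list and range, whose cost shows up only once the result is materialised.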

Exploit · Fix · DoS · Resource Exhaustion · Allocation of Resources Without Limits

Weakness Enumeration

Related Identifiers

CVE-2026-33155
GHSA-54JJ-PX8X-5W5Q
OPENSUSE-SU-2026:10417-1
SUSE-SU-2026:1094-1

Affected Products

Deepdiff