Threat Advisory

DeepDiff has Memory Exhaustion DoS through SAFE_TO_IMPORT

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High

EXECUTIVE SUMMARY:

CVE-2026-33155 affects the Python package DeepDiff, versions >= 5.0.0 and <= 8.6.1, and carries a high-severity CVSS score of 7.5. The flaw lies in the _RestrictedUnpickler: it enforces a class allow-list but does not validate the arguments passed to the allowed constructors, so memory allocation during unpickling is uncontrolled. Built-in types in the SAFE_TO_IMPORT set, such as bytes, list and range, can be invoked with attacker-supplied sizes, so a pickle payload of only a few bytes can cause several gigabytes to be allocated during deserialization.

The issue can be reached either through direct use of pickle_load or during delta object processing, where type conversions occur without size checks. It bypasses earlier protections that concentrated on preventing remote code execution but overlooked resource exhaustion. An attacker can therefore cause a denial of service by exhausting system memory. Systems that deserialize untrusted data are particularly exposed, since minimal payloads yield massive resource amplification and service disruption.
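The summary describes the general weakness: an allow-list of classes does not bound how much memory a call to an allowed constructor may request. The following added example, written for this advisory and not taken from DeepDiff's _RestrictedUnpickler or its fix in 8.6.2, shows a restricted unpickler that combines the class allow-list with a check on the size a constructor call would allocate, plus a raw-payload size cap applied before any opcode runs. The allow-list contents, the GuardedUnpickler and UnsafePickle names, the MAX_ALLOC and MAX_PAYLOAD limits and the make_payload test fixture are all assumptions chosen for the example.

```python
"""Added example: a pickle allow-list that also bounds constructor arguments.

Illustrative code for this advisory, not DeepDiff's own _RestrictedUnpickler.
The allow-list, the class and helper names and the limits are assumptions.
"""
import builtins
import io
import pickle

# Constructed allow-list of (module, name) pairs. A real allow-list is driven by
# the application's data model; the point here is that an allow-list of classes
# alone says nothing about how much memory a call to one of them may request.
ALLOWED = {
    ("builtins", "bytes"),
    ("builtins", "bytearray"),
    ("builtins", "list"),
    ("builtins", "range"),
}

MAX_ALLOC = 1 << 20       # cap on bytes/elements one constructor call may request (assumed)
MAX_PAYLOAD = 64 * 1024   # cap on raw pickle size, checked before any opcode runs (assumed)


class UnsafePickle(ValueError):
    """Raised when a payload is rejected by the guard."""


def _requested_size(name, args):
    """Estimate what a call to builtin `name` with `args` would allocate.

    bytes(n) / bytearray(n) allocate n bytes; range(...) itself is lazy, but
    list(range(...)) materialises every element, so both paths are measured.
    Returns 0 when the call is not a size-driven allocation.
    """
    if name in ("bytes", "bytearray") and args and isinstance(args[0], int):
        return max(args[0], 0)
    if name == "range":
        try:
            return len(range(*args))
        except (TypeError, ValueError) as exc:
            raise UnsafePickle(f"invalid range arguments {args!r}") from exc
    if name == "list" and args and isinstance(args[0], range):
        return len(args[0])
    return 0


class GuardedUnpickler(pickle.Unpickler):
    """Allow-list by class *and* refuse oversized constructor arguments."""

    def find_class(self, module, name):
        if (module, name) not in ALLOWED:
            raise UnsafePickle(f"{module}.{name} is not on the allow-list")
        target = getattr(builtins, name)

        # Return a wrapper so the REDUCE opcode runs the size check before
        # the real constructor is invoked.
        def guarded(*args, **kwargs):
            size = _requested_size(name, args)
            if size > MAX_ALLOC:
                raise UnsafePickle(
                    f"{name}(...) would allocate {size} units (> {MAX_ALLOC})"
                )
            return target(*args, **kwargs)

        return guarded


def guarded_loads(data: bytes):
    """Deserialise `data` with the size-bounded allow-list unpickler."""
    if len(data) > MAX_PAYLOAD:
        raise UnsafePickle(f"payload of {len(data)} bytes exceeds {MAX_PAYLOAD}")
    return GuardedUnpickler(io.BytesIO(data)).load()


class _ConstructorCall:
    """Constructed test fixture: pickles as a call to `target(*args)`."""

    def __init__(self, target, args):
        self.target, self.args = target, args

    def __reduce__(self):
        return (self.target, self.args)


def make_payload(target, *args) -> bytes:
    """Build a pickle whose loading calls `target(*args)` (test input only)."""
    return pickle.dumps(_ConstructorCall(target, args))


def is_rejected(data: bytes) -> bool:
    """True when the guard refuses `data`, False when it loads cleanly."""
    try:
        guarded_loads(data)
    except UnsafePickle:
        return True
    return False


if __name__ == "__main__":
    print("small bytes ok:", not is_rejected(make_payload(bytes, 1024)))
    print("oversized bytes blocked:", is_rejected(make_payload(bytes, MAX_ALLOC + 1)))
    print("oversized range blocked:", is_rejected(make_payload(range, 0, MAX_ALLOC + 1)))
    print("off-list class blocked:", is_rejected(make_payload(dict)))
```

The guard only covers the size-driven constructors it knows about, so it should be paired with a process-level memory limit (for example RLIMIT_AS on POSIX) as defence in depth; the durable fix for this advisory remains upgrading DeepDiff rather than wrapping the vulnerable loader.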

RECOMMENDATION:

We strongly recommend you update DeepDiff to version 8.6.2.

REFERENCES:

The following reports contain further technical details:

https://github.com/advisories/GHSA-54jj-px8x-5w5q
