CVE-2026-48510 is a medium-severity allocation of resources without limits or throttling vulnerability in MessagePack (nuget), affecting versions < 2.5.301. It is fixed in 2.5.301, 3.1.7.
Summary When MessagePack-CSharp decompresses Lz4Block or Lz4BlockArray payloads, it reads declared uncompressed lengths from the wire and allocates output buffers based on those lengths before validating that the compressed data is valid or that the declared expansion is reasonable. A small payload can claim a very large uncompressed length and force a large allocation before LZ4 decoding begins. Impact Applications are affected when they deserialize attacker-controlled MessagePack payloads with MessagePackCompression.Lz4Block or MessagePackCompression.Lz4BlockArray enabled. In the Lz4Block case, an attacker-controlled integer is used to request the destination span. In the Lz4BlockArray case, per-block uncompressed lengths and their aggregate can be attacker-controlled. Without a cap, the declared output size can be disproportionate to the input size, producing out-of-memory exceptions, process termination on constrained hosts, or severe memory pressure. This advisory is about unbounded allocation from declared decompressed sizes. It is separate from the LZ4 source-buffer over-read issue, which concerns unsafe decoder reads beyond the compressed input buffer. Affected components Package: MessagePack Feature: LZ4 compressed MessagePack payloads APIs: MessagePackSerializer with WithCompression(MessagePackCompression.Lz4Block) or WithCompression(MessagePackCompression.Lz4BlockArray) Internal routine: MessagePackSerializer.TryDecompress Finding ID: MESSAGEPACKCSHARP-OPEN-004 Patches Fixes are prepared and will be released in coordinated patch versions. Upgrade guidance: Upgrade MessagePack to the patched version for your release line. Upgrade companion MessagePack packages in the same dependency graph to the coordinated patched versions. The fix should reject negative and excessive uncompressed lengths before allocation. It should also cap aggregate decompressed size for block arrays and expose or honor an appropriate maximum decompressed length policy. Workarounds Patching is recommended. Until a patched version is available, do not enable MessagePack-CSharp's built-in LZ4 compression modes for untrusted inputs. If compression is required, enforce strict compressed and decompressed size limits outside MessagePack-CSharp before deserialization. Resources MESSAGEPACKCSHARP-OPEN-004: LZ4 decompression allocation from unbounded uncompressed length MESSAGEPACKCSHARP-011: duplicate decompression-bomb finding CWE-409: Improper Handling of Highly Compressed Data CWE-770: Allocation of Resources Without Limits or Throttling
The application allocates resources such as memory, threads, or file descriptors based on untrusted input without enforcing a cap. Typical impact: resource exhaustion leading to denial of service.
CVE-2026-48510 has a CVSS score of 7.5 (Medium). The vector is network-reachable, no privileges required, and no user interaction. A CVSS score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether this affects your application depends on whether the vulnerable code is present and reachable in your environment.
A fixed version is available (2.5.301, 3.1.7). Upgrading removes the vulnerable code path.
nuget
MessagePack (< 2.5.301)MessagePack (>= 3.0, < 3.1.7)MessagePack → 2.5.301 (nuget)MessagePack → 3.1.7 (nuget)Severity tells you how bad this could be in the worst case. It does not tell you whether you are exposed. Exploitability and impact are functions of runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A vulnerable package can sit in your dependency tree and never run.
Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter instead of chasing every advisory.
Kodem's runtime-powered SCA identifies whether CVE-2026-48510 is reachable in your applications. Explore open-source security for your team.
See if CVE-2026-48510 is reachable in your applications. Get a demo
Already deployed Kodem? See CVE-2026-48510 in your environment →Upgrade the following packages to resolve this vulnerability:
MessagePack to 2.5.301 or laterMessagePack to 3.1.7 or laterKodem Kai can prioritize this vulnerability in your dependency tree and generate a fix recommendation.
CVE-2026-48510 is a medium-severity allocation of resources without limits or throttling vulnerability in MessagePack (nuget), affecting versions < 2.5.301. It is fixed in 2.5.301, 3.1.7. The application allocates resources such as memory, threads, or file descriptors based on untrusted input without enforcing a cap.
CVE-2026-48510 has a CVSS score of 7.5 (Medium). This score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether it represents real risk in your environment depends on whether the vulnerable code is present and reachable.
MessagePack (nuget) versions < 2.5.301 is affected.
Yes. CVE-2026-48510 is fixed in 2.5.301, 3.1.7. Upgrade to this version or later.
Whether CVE-2026-48510 is exploitable in your environment depends on whether the vulnerable code is present and reachable. A CVSS score is a worst-case rating; it does not account for your specific deployment, configuration, or usage patterns. Kodem, an Intelligent Application Security platform, uses runtime intelligence to show which vulnerabilities actually execute in production, so you can focus on the ones that represent real risk. Get a demo
Exploitability and impact are not fixed properties of a CVE. They depend on runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A high CVSS score on a dependency that never runs is not the same as real risk. Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter.
MessagePack to 2.5.301 or laterMessagePack to 3.1.7 or later