Zero-Day DoS Vulnerability Found in Anthropic's buffa Library

First seen 1 Jul 2026, 10:45 UTC. Sources: Endorlabs, Gbhackers.

Article Content

A zero-day memory amplification denial-of-service (DoS) vulnerability has been discovered in Anthropic's Rust-based protobuf library, buffa. Identified as CVE-2026-55407, the flaw allows attackers to exploit unbounded-allocation data flows, leading to significant memory depletion with small inputs. Endor Labs' AI-powered static application security testing (SAST) engine detected the issue, which affects any message decoded from untrusted input using the default settings. The vulnerability is linked to the decode_unknown_field function in buffa's encoding module, where the allocation size is derived directly from untrusted input. Anthropic has engaged with Endor Labs following the disclosure to assess the severity based on deployment scenarios. The vulnerability is classified as moderate with a CVSS score of 6.3. Immediate action is advised for users of the library to mitigate potential impacts.
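The pattern the article describes, an allocation whose size comes straight from a length prefix in untrusted input, is the classic protobuf memory-amplification bug: a handful of bytes can declare a multi-gigabyte payload. The added Rust example below is not buffa's code and does not reproduce its decode_unknown_field function; the names read_varint, decode_bytes_unbounded, decode_bytes_bounded, DecodeError and the max_len parameter are illustrative assumptions. It shows the unbounded pattern for contrast and a hardened length-delimited field decoder that checks the declared length against both the bytes actually present and an explicit ceiling before allocating, which is the general fix for this bug class rather than anything specific to buffa.

```rust
// Added example (not buffa's code): bounded decoding of a protobuf
// length-delimited field. Function and error names are illustrative.

#[derive(Debug, PartialEq)]
pub enum DecodeError {
    /// Continuation bit set on the last available byte, or varint longer than 10 bytes.
    TruncatedVarint,
    /// Declared payload length is larger than the bytes actually present.
    LengthExceedsInput { declared: u64, remaining: usize },
    /// Declared payload length is larger than the caller's ceiling.
    LengthExceedsLimit { declared: u64, limit: usize },
}

/// Read a protobuf base-128 varint from the front of `buf`.
/// Returns (value, bytes consumed). A u64 needs at most 10 bytes.
pub fn read_varint(buf: &[u8]) -> Result<(u64, usize), DecodeError> {
    let mut value: u64 = 0;
    for (i, &b) in buf.iter().enumerate().take(10) {
        value |= u64::from(b & 0x7f) << (7 * i);
        if b & 0x80 == 0 {
            return Ok((value, i + 1));
        }
    }
    Err(DecodeError::TruncatedVarint)
}

/// Vulnerable pattern: the declared length goes straight into the allocator.
/// A five-byte varint near u32::MAX requests about 4 GiB before a single
/// payload byte is examined. Shown for contrast only; not for use.
pub fn decode_bytes_unbounded(buf: &[u8]) -> Result<Vec<u8>, DecodeError> {
    let (declared, n) = read_varint(buf)?;
    let mut out = Vec::with_capacity(declared as usize); // attacker-controlled size
    let end = n.saturating_add(declared as usize).min(buf.len());
    out.extend_from_slice(&buf[n..end]);
    Ok(out)
}

/// Hardened pattern: validate the declared length against the bytes present
/// and against a caller-supplied ceiling before allocating. Memory use is
/// then bounded by the input size, so a small message cannot amplify.
pub fn decode_bytes_bounded(buf: &[u8], max_len: usize) -> Result<(Vec<u8>, usize), DecodeError> {
    let (declared, n) = read_varint(buf)?;
    let remaining = buf.len() - n;
    if declared > max_len as u64 {
        return Err(DecodeError::LengthExceedsLimit { declared, limit: max_len });
    }
    if declared > remaining as u64 {
        return Err(DecodeError::LengthExceedsInput { declared, remaining });
    }
    let len = declared as usize; // fits: declared <= remaining <= usize::MAX
    let payload = buf[n..n + len].to_vec();
    Ok((payload, n + len))
}

fn main() {
    // Constructed inputs: a benign 3-byte field and a 5-byte header that
    // declares a 4 GiB payload with nothing behind it.
    let benign = [0x03, b'a', b'b', b'c'];
    let hostile = [0xff, 0xff, 0xff, 0xff, 0x0f]; // varint 4_294_967_295, no payload
    println!("{:?}", decode_bytes_bounded(&benign, 1 << 20));
    println!("{:?}", decode_bytes_bounded(&hostile, 1 << 20));
}
```

Two checks are needed rather than one: comparing against the remaining input stops amplification for a single field, while the explicit ceiling (max_len) also bounds the total a decoder will accept when a message is streamed or when many fields each declare "just under what is left". Libraries commonly expose such a ceiling as a decode option; the article notes that the affected behaviour is reached under default settings, which is why an application-level limit on untrusted message size is worth setting regardless of the library version.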

Key Points:
• CVE-2026-55407 is a zero-day DoS vulnerability in Anthropic's buffa library.
• The flaw allows attackers to cause memory depletion using small inputs.
• Endor Labs identified the vulnerability using its AI SAST engine.

ThreatCluster AI

Timeline

2026-06-30
Vulnerability identified by Endor Labs
Endor Labs discovered a memory amplification DoS vulnerability in buffa, tracked as CVE-2026-55407.
Endorlabs
2026-07-01
Public disclosure of the vulnerability
Gbhackers reported on the zero-day vulnerability in Anthropic's buffa library, emphasizing its potential impact.
Gbhackers
