Anthropic’s Buffa Rust Library 0-Day Vulnerability Enables DoS Attack

Anthropic’s Rust-based protobuf implementation, buffa, has been found vulnerable to a zero-day denial-of-service (DoS) condition caused by unbounded heap allocation on attacker-controlled input. The flaw, now tracked as CVE-2026-55407 and GHSA-f9qc-qg88-7pq5, affects buffa and connectrpc versions before 0.8.0 and has been scored as CVSS 4.0/6.3 (Moderate). However, the real-world impact can scale to High or […]

The post Anthropic’s Buffa Rust Library 0-Day Vulnerability Enables DoS Attack appeared first on Cyber Security News.

This article has been indexed from Cyber Security News

Read the original article: