CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

GHSA-2wc2-fm75-p42x: Soup Sieve has Memory Exhaustion via Large Comma-Separated Selector Lists

highCVSS 7.5CVE-2026-49476
Summary The CSS selector parser in soupsieve (the CSS selector engine for Beautiful Soup 4) allocates unbounded memory when compiling large comma-separated selector lists. An attacker who can supply a crafted CSS selector string to soupsieve.compile() or Beautiful Soup's .select() / .select_one() can cause the application to allocate hundreds of megabytes of heap memory from a relatively small input, leading to memory exhaustion and denial of service. To be completely transparent, AI tools helped surface this issue. However, it was independently reproduced and carefully validated. Researchers follow responsible disclosure practices and originally shared this report privately. A 500 KB selector string triggers allocation of approximately 244 MB of heap memory - a 488x— amplification ratio. Details Affected code:** soupsieve/css_parser.py, lines ~204, 925, 1106 The soupsieve CSS parser splits comma-separated selector lists and creates one CSSSelector object per list item. Each CSSSelector object contains parsed selector data structures including SelectorList, Selector, and associated tag/attribute/pseudo-class metadata. When a selector string such as a,a,a,... (with 250,000 comma-separated items) is passed to sv.compile(), the parser: 1. Tokenises the entire string and identifies each comma-delimited segment (line ~1106) 2. Parses each segment into a full Selector object with all associated metadata (line ~925) 3. Stores all parsed selectors in a SelectorList (line ~204) Root cause: No limit is enforced on the number of selectors in a comma-separated list. The parser will attempt to parse and store an arbitrary number of selectors, with each selector object consuming approximately 976 bytes of heap memory. The total allocation scales linearly with the number of list items, but the amplification ratio (output memory / input bytes) is extremely high because each single-character selector like a expands into a complex object graph. Attack surface: Any applicati

Details

Source
GitHub Security Advisories (INTL · database · site)
Severity
high — CVSS 7.5
Published
2026-07-09
Last updated
2026-07-09
Exploitation
Not in CISA KEV at last sync

Original advisory: https://github.com/advisories/GHSA-2wc2-fm75-p42x

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2026-49476coverage & exploitation statusNVD · CVE.org

More from GitHub Security Advisories