CredSweeper, Recursive Zip-Bomb Bypass, CVE-2026-XXXXX (High) -DC-Jul2026-858

Listen to this Post

How the CVE Works

CredSweeper is an open-source credential scanning tool developed by Samsung. It features a “deep scanning” mode (--depth > 0) that recursively unpacks and scans container files such as ZIP, TAR, GZIP, BZIP2, LZMA/XZ, and RPM archives to detect credentials hidden inside nested archives. To prevent recursive zip-bomb attacks—where a small archive expands to an enormous size—CredSweeper implements a `recursive_limit_size` budget intended to limit the total bytes extracted during recursive scanning.
However, multiple flaws in the implementation allow attackers to bypass this protection entirely. The root cause is that `recursive_limit_size` is not enforced as a hard limit. The vulnerable code path begins in credsweeper/app.py:323, which calls `self.deep_scanner.scan()` with the configured depth and size limit, and then proceeds through credsweeper/deep_scanner/abstract_scanner.py:269-305.
The first exploitation path affects single-stream decompressors: gzip, bzip2, and lzma/xz. In gzip_scanner.py:33-43, bzip2_scanner.py:38-43, and lzma_scanner.py:38-43, the scanner fully decompresses the entire payload into memory using gzip.open().read(), bz2.decompress(), or `lzma.decompress()` before any budget validation occurs. Only after the full decompressed data is materialized in memory does the scanner compute `new_limit = recursive_limit_size – len(decompressed_data)` and pass this (often negative) value to recursive_scan(). The `AbstractScanner.recursive_scan()` function at lines 58-94 only checks for negative depth and minimum data length (MIN_DATA_LEN)—it does not stop when `recursive_limit_size` is negative. Consequently, a 64-byte compressed payload that decompresses to 64 bytes will be fully inflated and scanned even when the configured limit is only 16 bytes, resulting in a residual budget of -48 being passed deeper into recursion.
The second exploitation path affects multi-entry archives: `zip` and tar. In `zip_scanner.py:49-60` and tar_scanner.py:48-59, each entry is checked individually against the original `recursive_limit_size` using if 0 > recursive_limit_size - entry.file_size: continue. The budget is never decremented globally after processing an entry. Therefore, an archive with two 12-byte members will be fully processed even when the configured limit is only 16 bytes, because each member passes the per-entry check (12 < 16), but the aggregate total of 24 bytes exceeds the intended limit. The same per-member pattern exists in rpm_scanner.py:42-51.
The vulnerability was introduced in commit 0bd8fe56ad2e08b12d47677f7dbe1a75913969ae. The last unaffected release is v1.4.8, and all releases from `v1.4.9` through the current `v1.15.8` (and upstream HEAD commit 8b081acf04311eafe8fbd66ea41d02b0a7a4c6f6) remain vulnerable.

DailyCVE Form

Platform: CredSweeper
Version: 1.4.9 – 1.15.8
Vulnerability: Recursive zip-bomb protection bypass
Severity: High (Resource Exhaustion)
Date: 2026-07-10

Prediction: 2026-08-10

What Undercode Say: Analytics

Clone the vulnerable repository at the confirmed commit
git clone https://github.com/Samsung/CredSweeper.git
cd CredSweeper
git checkout 8b081acf04311eafe8fbd66ea41d02b0a7a4c6f6
Run the proof-of-concept harness (save as proof_poc.py one directory above)
python3 ../proof_poc.py

Expected output confirming the bypass:

{
"head_commit": "8b081acf04311eafe8fbd66ea41d02b0a7a4c6f6",
"package_version": "1.15.8",
"proof_1_negative_budget_after_full_decompression": [
{"format": "gzip", "compressed_size": 24, "configured_limit": 16, "decompressed_size": 64, "residual_limit_seen_by_recursive_scan": -48},
{"format": "bzip2", "compressed_size": 39, "configured_limit": 16, "decompressed_size": 64, "residual_limit_seen_by_recursive_scan": -48},
{"format": "lzma", "compressed_size": 68, "configured_limit": 16, "decompressed_size": 64, "residual_limit_seen_by_recursive_scan": -48}
],
"proof_2_negative_budget_not_rejected": {"data_len": 64, "depth": 0, "recursive_limit_size": -48},
"proof_3_cumulative_budget_bypass_in_multi_entry_archives": [
{"format": "zip", "configured_limit": 16, "member_size": 12, "member_count": 2, "total_extracted_bytes": 24},
{"format": "tar", "configured_limit": 16, "member_size": 12, "member_count": 2, "total_extracted_bytes": 24}
]
}

How Exploit

An attacker can craft a malicious archive that exploits either vulnerability path:
1. Single-stream decompressor bypass: Create a GZIP, BZIP2, or LZMA file containing a payload slightly larger than the configured recursive_limit_size. When CredSweeper scans it with --depth > 0, the entire payload is decompressed into memory before the budget is checked, and the negative residual budget is ignored, allowing oversized content to be scanned.
2. Multi-entry archive cumulative bypass: Create a ZIP or TAR archive containing many small files, each under the `recursive_limit_size` threshold, but whose total decompressed size far exceeds the limit. Because the budget is not decremented globally, all files are processed.
3. RPM scanner (same pattern): The RPM scanner uses the same per-member budget check as ZIP/TAR and is equally vulnerable, though exploiting it requires an additional third-party parser.
The provided PoC demonstrates that with a limit of 16 bytes, a 64-byte decompressed payload is fully processed, and a two-member archive totaling 24 bytes is fully extracted.

Protection

The following layered fixes are recommended:

  1. Add a hard negative-budget guard in `recursive_scan()` and structure_scan(): abort immediately when `recursive_limit_size < 0` before any further processing.
  2. Enforce limits before or during decompression: For GZIP, BZIP2, and LZMA/XZ, use bounded incremental decompression (e.g., reading in chunks) and stop as soon as the decompressed size exceeds the remaining budget, rather than fully materializing the payload in memory.
  3. Track a mutable cumulative budget across sibling entries: For ZIP, TAR, and RPM, maintain a shared remaining-budget counter that is decremented after each successfully processed member. Stop processing further entries once the budget is exhausted.

4. Add regression tests:

  • A GZIP payload whose decompressed size exceeds the limit must be rejected before recursion with a negative residual budget.
  • Equivalent tests for BZIP2 and LZMA/XZ.
  • A ZIP/TAR archive with two members that are each under the per-entry threshold but exceed the total threshold together must stop after the budget is exhausted.
  • A direct unit test for `recursive_scan()` showing that a negative `recursive_limit_size` stops recursion immediately.

Impact

  • Primary weakness: CWE-409: Improper Handling of Highly Compressed Data (Data Amplification)
  • Related weakness: CWE-400: Uncontrolled Resource Consumption
  • Impact type: Availability / Resource Exhaustion (Denial of Service)
  • Who is impacted: Users running CredSweeper with deep scanning enabled (--depth > 0) on untrusted repositories, archives, or binary inputs; CI jobs, pre-merge checks, internal security automation, and downstream services that expose CredSweeper as part of automated scanning of uploaded or fetched content
  • Practical consequences: Jobs may hang, consume excessive memory/CPU, or be terminated by the operating system or CI platform
  • No confirmed impact: Arbitrary code execution, arbitrary file write, or data exfiltration

🎯Let’s Practice Exploiting & Learn Patching For Free:

🎓 Live Courses & Certifications:

Join Undercode Academy for Verified Certifications

🚀 Request a Custom Project:

Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top