A vulnerability, which was classified as problematic, has been found in Zeroconf up to 0.149.15. This impacts the function
_read_character_string/_read_string of the file src/zeroconf/_protocol/incoming.py of the component DNS Service Discovery. Performing a manipulation of the argument RDLENGTH results in information disclosure.
This vulnerability is known as CVE-2026-48487. Remote exploitation of the attack is possible. No exploit is available.