EUVD-2026-20996

bsv-sdk and bsv-wallet persist unverified certifier signatures in acquirecertificate direct and issuance paths...

Improper Check for Unusual or Exceptional Conditions

Overview bsv-sdk is an A Ruby library for interacting with the BSV Blockchain — keys, scripts, transactions, and more. Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions due to improper handling of ARC broadcaster responses i. An attacker can...

CVE-2026-40069

BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.1.0 to before 0.8.2, BSV::Network::ARC's failure detection only recognises REJECTED and DOUBLESPENDATTEMPTED. ARC responses with txStatus values of INVALID, MALFORMED, MINEDINSTALEBLOCK, or any ORPHAN-containing extraInfo / txStatus are...

CVE-2026-40070 bsv-sdk and bsv-wallet persist unverified certifier signatures in acquire_certificate (direct and issuance paths)

BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.3.1 to before 0.8.2, BSV::Wallet::WalletClientacquirecertificate persists certificate records to storage without verifying the certifier's signature over the certificate contents. In acquisitionprotocol: 'direct', the caller supplies all...

PT-2026-31672

Name of the Vulnerable Software and Affected Versions BSV Ruby SDK versions 0.3.1 through 0.8.1 BSV Ruby Wallet versions 0.1.2 through 0.3.3 Description The BSV Ruby SDK and Wallet contain a flaw in the acquire certificate function, which does not verify the certifier's signature over the...