Lucene search
K

1925 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:15 p.m.8 views

CVE-2018-1000851

Copay Bitcoin Wallet version 5.01 to 5.1.0 included. contains a Other/Unknown vulnerability in wallet private key storage that can result in Users' private key can be compromised. . This attack appear to be exploitable via Affected version run the malicious code at startup . This vulnerability...

9.8CVSS7.2AI score0.02238EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:23 a.m.3 views

CVE-2021-31876

Bitcoin Core 0.12.0 through 0.21.1 does not properly implement the replacement policy specified in BIP125, which makes it easier for attackers to trigger a loss of funds, or a denial of service attack against downstream projects such as Lightning network nodes. An unconfirmed child transaction wi...

6.5CVSS6.5AI score0.01608EPSS
Exploits0References1
HackRead
HackRead
added 2026/01/09 10:59 a.m.11 views

$15 Billion Pig Butchering Scam Boss Chen Zhi Extradited to China

Billionaire Chen Zhi and associates Xu Ji Liang and Shao Ji Hui have been extradited to China. This exclusive report details the collapse of the Prince Group's global scam network, the seizure of $15 billion in Bitcoin, and the forced labour camps behind the billion-dollar pig butchering fraud...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 10:38 a.m.9 views

CVE-2017-12842

Bitcoin Core before 0.14 allows an attacker to create an ostensibly valid SPV proof for a payment to a victim who uses an SPV wallet, even if that payment did not actually occur. Completing the attack would cost more than a million dollars, and is relevant mainly only in situations where an...

7.5CVSS6.8AI score0.02164EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:55 a.m.5 views

CVE-2020-12119

Ledger Live before 2.7.0 does not handle Bitcoin's Replace-By-Fee RBF. It increases the user's balance with the value of an unconfirmed transaction as soon as it is received before the transaction is confirmed and does not decrease the balance when it is canceled. As a result, users are exposed t...

8.1CVSS6.9AI score0.00493EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:37 a.m.9 views

CVE-2024-34149

In Bitcoin Core through 27.0 and Bitcoin Knots before 25.1.knots20231115, tapscript lacks a policy size limit check, a different issue than CVE-2023-50428. NOTE: some parties oppose this new limit check for example, because they agree with the objective but disagree with the technical mechanism, ...

6.3CVSS6.9AI score0.00779EPSS
Exploits0References1
HackRead
HackRead
added 2026/01/08 4:25 p.m.9 views

Discord Controlled NodeCordRAT Steals Chrome Data via NPM Packages

Zscaler ThreatLabz identifies three malicious NPM packages mimicking Bitcoin libraries. The NodeCordRAT virus uses Discord commands to exfiltrate MetaMask data and Chrome passwords...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/07 9:54 a.m.16 views

CVE-2013-7372

The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNGSecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture JCA in Android before 4.4 and...

5CVSS6.9AI score0.0234EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:15 a.m.8 views

CVE-2019-16761

A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the [email protected] npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions 1.0....

6.1CVSS6.7AI score0.00993EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:15 a.m.11 views

CVE-2019-16762

A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to...

6.1CVSS6.6AI score0.01096EPSS
Exploits1References1
HackRead
HackRead
added 2026/01/06 6:51 p.m.6 views

Bitfinex Hack Mastermind Behind $10 Billion Theft Gets Early Release

Ilya Lichtenstein, the man behind the massive 2016 Bitfinex Bitcoin theft, has been released early from prison. Read how the First Step Act and a trail of Walmart gift cards led to this major update in one of the world's largest crypto thefts...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/05 9:42 a.m.7 views

Bitfinex Hack Convict Ilya Lichtenstein Released Early Under U.S. First Step Act

Ilya Lichtenstein, who was sentenced to prison last year for money laundering charges in connection with his role in the massive hack of cryptocurrency exchange Bitfinex in 2016, said he has been released early. In a post shared on X last week, the 38-year-old announced his release, crediting U.S...

6.6AI score
Exploits0
HackRead
HackRead
added 2025/12/31 1:7 p.m.4 views

2 US Cybersecurity Experts Guilty of Extortion Scheme for ALPHV Ransomware

Can you trust your cybersecurity team? A recent federal case reveals how two US-based cybersecurity experts turned into affiliates for the BlackCat ransomware group, extorting over $1.2M in Bitcoin. Read the full story on their 2023 crime spree...

7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/12/31 6:30 a.m.6 views

atomkraft (>=0.0.1 <=0.1.2), bitcoin-utils (>=0.6.1 <=0.7.1) +14 more potentially affected by CVE-2025-69277 via hdwallet (>=0.2.0 <=3.4.0)

hdwallet PYPI version =0.2.0, =0.0.1, =0.6.1, =1.3.6, =0.1.5, =0.1.4, =0.1.6, =0.1.0, =0.1.0, =0.0.2, =0.2.3, =0.1.0, =5.1.0, =0.3.0, =0.5.0a1 and more Source cves: CVE-2025-69277 Source advisory: OSV:GHSA-MRFV-M5WM-5W6W...

4.5CVSS5.8AI score0.00166EPSS
Exploits0
OSV
OSV
added 2025/12/15 7:37 p.m.6 views

GO-2025-4214 Babylon Incorrect FP inactive accounting in costaking creates “phantom stake” that earns rewards after BTC unbond in github.com/babylonlabs-io/babylon

Babylon Incorrect FP inactive accounting in costaking creates “phantom stake” that earns rewards after BTC unbond in github.com/babylonlabs-io/babylon...

6.9AI score
Exploits0References2
EUVD
EUVD
added 2025/12/09 2:25 p.m.6 views

EUVD-2025-201932

Babylon Incorrect FP inactive accounting in costaking creates “phantom stake” that earns rewards after BTC unbond...

6.4AI score
Exploits0References3
Snyk
Snyk
added 2025/12/09 2:25 p.m.2 views

Incomplete Cleanup

Overview Affected versions of this package are vulnerable to Incomplete Cleanup in the x/costaking process. An attacker can continue to accrue rewards without maintaining any actual BTC stake by exploiting a state inconsistency that occurs when a Finality Provider becomes inactive at the same blo...

6.9CVSS6.8AI score
Exploits0References2
OSV
OSV
added 2025/12/09 2:25 p.m.4 views

GHSA-4RMQ-MC2C-R495 Babylon Incorrect FP inactive accounting in costaking creates “phantom stake” that earns rewards after BTC unbond

Summary A state consistency bug in x/costaking can leave a BTC delegator with non-zero ActiveSatoshis Phatom Stake even after they have fully unbonded their BTC delegation, if their Finality Provider FP drops out of the active set in the exact same babylon block height. This creates a “phantom...

6.9CVSS6.8AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/12/09 2:25 p.m.6 views

Babylon Incorrect FP inactive accounting in costaking creates “phantom stake” that earns rewards after BTC unbond

Summary A state consistency bug in x/costaking can leave a BTC delegator with non-zero ActiveSatoshis Phatom Stake even after they have fully unbonded their BTC delegation, if their Finality Provider FP drops out of the active set in the exact same babylon block height. This creates a “phantom...

6.9AI score
Exploits0References3Affected Software4
Packet Storm News
Packet Storm News
added 2025/12/03 12:0 a.m.6 views

The Treasury Proof Ledger: A Cryptographic Framework for Accountable Bitcoin Treasuries

Public companies and institutional investors that hold Bitcoin face increasing pressure to show solvency, manage risk, and satisfy regulatory expectations without exposing internal wallet structures or trading strategies. This paper introduces the Treasury Proof Ledger TPL, a Bitcoin-anchored...

6.8AI score
Exploits0
Rows per page
Query Builder