
9 matches found

Veracode
added 2025/12/02 6:42 a.m. · 4 views

Improper Input Validation

github.com/cometbft/cometbft is vulnerable to Improper Input Validation. The vulnerability is due to the lack of validation for BitArrays with mismatched element and bit counts, which allows an attacker to supply malformed BitArrays that can trigger processing errors or panics within the system...

AI score: 7 · Exploits: 0
Veracode
added 2025/02/05 8:45 a.m. · 5 views

Insufficient Verification Of Data Authenticity

CometBFT is vulnerable to Insufficient Verification of Data Authenticity. The vulnerability is due to improper validation due to incorrect processing and dissemination of invalid block part indices and proof part indices, which could lead to a network halt...

AI score: 7 · Exploits: 0
Veracode
added 2025/02/05 4:12 a.m. · 10 views

Improper Check Or Handling Of Exceptional Conditions

github.com/cometbft/cometbft is vulnerable to Improper Check or Handling of Exceptional Conditions. The vulnerability is due to improper validation of reported latest heights, allowing a malicious node to first report a higher latest height and then a lower one, causing syncing nodes to get stuck...

CVSS: 7.1 · AI score: 6.7 · EPSS: 0.00143
Exploits: 0 · References: 6 · Affected software: 1
OSV
added 2025/02/04 10:06 p.m. · 7 views

GO-2025-3442 CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft

CometBFT allows a malicious peer to make node stuck in blocksync in github.com/cometbft/cometbft...

CVSS: 7.1 · AI score: 9.2 · EPSS: 0.00143
Exploits: 0 · References: 5
NVD
added 2025/02/03 10:15 p.m. · 12 views

CVE-2025-24371

CometBFT is a distributed, Byzantine fault-tolerant, deterministic state machine replication engine. In the blocksync protocol peers send their base and latest heights when they connect to a new node A, which is syncing to the tip of a network. base acts as a lower ground and informs A that the...

CVSS: 7.1 · EPSS: 0.00143
Exploits: 0 · References: 3
OSV
added 2025/02/03 4:48 p.m. · 4 views

GHSA-R3R4-G7HQ-PQ4F CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts

Name: ASA-2025-002: Malicious peer can stall network by disseminating seemingly valid block parts Component: CometBFT Criticality: High Catastrophic Impact; Possible Likelihood per ACMv1.2 Affected versions: = v0.38.16, v1.0.0 Affected users: Validators, Full nodes, Users Description A bug was...

AI score: 6.8 · Exploits: 0 · References: 5
Veracode
added 2024/11/21 8:52 a.m. · 5 views

Denial Of Service (DoS)

github.com/cometbft/cometbft is vulnerable to Denial Of Service DoS. The vulnerability is due to improper validation of the ValidatorIndex field in Vote messages, where the usual verification is bypassed for Precommit Vote messages with a non-nil BlockID, allowing invalid messages to go unvalidat...

AI score: 7 · Exploits: 0
Veracode
added 2024/09/04 10:24 a.m. · 2 views

Incorrect Validation

github.com/cometbft/cometbft/light is vulnerable to Incorrect Validation. The vulnerability is due to incomplete validation of the ProposerPriority field in the ValidatorSet retrieved from RPC endpoints, which can lead to inconsistencies in the proposer selection algorithm and potentially cause t...

AI score: 7.1 · Exploits: 0
Positive Technologies
added 2023/09/29 12:00 a.m. · 2 views

PT-2023-33029 · Cometbft · Cometbft

Name of the Vulnerable Software and Affected Versions: CometBFT versions prior to the next release of each branch Description: A default configuration in CometBFT has been found to be large for common use cases, which may affect block times and consensus participation when fully utilized by chain...

AI score: 7.1 · Exploits: 0 · References: 11