Lucene search
K

4419 matches found

Snyk
Snyk
added 2026/03/03 6:17 a.m.2 views

Malicious Package

Overview ethereum-lint is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
GithubExploit
GithubExploit
added 2026/03/02 9:48 a.m.198 views

filecoin-audit-kit

Filecoin Security Devnet Spin up a local Filecoin network for...

6.1AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/25 9:54 p.m.6 views

@0xlimao/n8n-nodes-ethereum (>=1.0.0 <=1.0.1), @aayshian/n8n-aisensy-ay19 (=0.0.1) +98 more potentially affected by CVE-2026-27498 via n8n-core (>=2.0.0 <=2.1.1)

n8n-core NPM version =2.0.0, =1.0.0, =0.0.1, =1.0.0, =0.0.1, =0.0.1, =0.3.6, =0.1.0, =1.0.0, =0.1.4, =0.1.0, =0.1.13 and more Source cves: CVE-2026-27498 Source advisory: SNYK:JS-N8NCORE-15357608...

9CVSS7.2AI score0.00718EPSS
Exploits0
NVD
NVD
added 2026/02/25 4:23 p.m.6 views

CVE-2026-22866

Ethereum Name Service ENS is a distributed, open, and extensible naming system based on the Ethereum blockchain. In versions 1.6.2 and prior, the RSASHA256Algorithm and RSASHA1Algorithm contracts fail to validate PKCS1 v1.5 padding structure when verifying RSA signatures. The contracts only check...

7.5CVSS0.00177EPSS
Exploits0References3
CVE
CVE
added 2026/02/25 3:47 p.m.12 views

CVE-2026-22866

The CVE-2026-22866 entry describes a Bleichenbacher-style RSA signature forgery flaw in Ethereum Name Service (ENS) DNSSEC tooling. In ENS v1.6.2 and earlier, RSASHA256Algorithm and RSASHA1Algorithm do not validate PKCS#1 v1.5 padding correctly and only compare the trailing 32 (or 20) bytes of th...

7.5CVSS5.5AI score0.00177EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.10 views

ENS 数据伪造问题漏洞

ENS is an open-source Ethereum domain name service, involving both registrars and local resolvers. Versions of ENS 1.6.2 and earlier had a vulnerability related to data manipulation. This vulnerability stemmed from the lack of verification of the PKCS1 v1.5 padding structure during RSA signature...

7.5CVSS5.8AI score0.00177EPSS
Exploits0References4
OSV
OSV
added 2026/02/24 11:10 p.m.7 views

GO-2026-4511 Go Ethereum Improperly Validates the ECIES Public Key in RLPx Handshake in github.com/ethereum/go-ethereum

Go Ethereum Improperly Validates the ECIES Public Key in RLPx Handshake in github.com/ethereum/go-ethereum...

7.5CVSS5.4AI score0.00447EPSS
Exploits0References4
OSV
OSV
added 2026/02/24 11:10 p.m.7 views

GO-2026-4507 Go Ethereum affected by crash via malicious p2p message in github.com/ethereum/go-ethereum

Go Ethereum affected by crash via malicious p2p message in github.com/ethereum/go-ethereum...

8.7CVSS5.4AI score0.0058EPSS
Exploits0References3
OSV
OSV
added 2026/02/24 11:10 p.m.7 views

GO-2026-4508 Go Ethereum affected by DoS via malicious p2p message in github.com/ethereum/go-ethereum

Go Ethereum affected by DoS via malicious p2p message in github.com/ethereum/go-ethereum...

7.5CVSS5.4AI score0.00578EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/21 1:30 a.m.5 views

CVE-2026-26313

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.17.0, an attacker can cause high memory usage by sending a specially-crafted p2p message. The issue is resolved in the v1.17.0 release...

7.5CVSS5.7AI score0.00578EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/21 1:30 a.m.5 views

CVE-2026-26315

go-ethereum Geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, through a flaw in the ECIES cryptography implementation, an attacker may be able to extract bits of the p2p node key. The issue is resolved in the v1.16.9 and v1.17.0 releases of Geth...

7.5CVSS5.6AI score0.00447EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/21 1:28 a.m.6 views

CVE-2026-26314

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, a vulnerable node can be forced to shutdown/crash using a specially crafted message. The problem is resolved in the v1.16.9 and v1.17.0 releases of Geth...

8.7CVSS5.7AI score0.0058EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/19 11:39 p.m.9 views

Malicious code in ethrpc-keys (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f086c363123d21b52dc28b5a642db6c1eb84e01dc519995435476b19655d63a9 The malicious code is in the ethrpc-keys package, which is a clone of legitimate eth-keys, but contains a modification that silently exfiltrates the user's...

5.6AI score
Exploits0References1
NVD
NVD
added 2026/02/19 10:16 p.m.9 views

CVE-2026-26314

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, a vulnerable node can be forced to shutdown/crash using a specially crafted message. The problem is resolved in the v1.16.9 and v1.17.0 releases of Geth...

8.7CVSS0.0058EPSS
Exploits0References3
NVD
NVD
added 2026/02/19 10:16 p.m.8 views

CVE-2026-26315

go-ethereum Geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, through a flaw in the ECIES cryptography implementation, an attacker may be able to extract bits of the p2p node key. The issue is resolved in the v1.16.9 and v1.17.0 releases of Geth...

7.5CVSS0.00447EPSS
Exploits0References1
OSV
OSV
added 2026/02/19 9:22 p.m.11 views

CVE-2026-26315 Go Ethereum Improperly Validates the ECIES Public Key in RLPx Handshake

go-ethereum Geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, through a flaw in the ECIES cryptography implementation, an attacker may be able to extract bits of the p2p node key. The issue is resolved in the v1.16.9 and v1.17.0 releases of Geth...

6.9CVSS5.7AI score0.00447EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/19 9:22 p.m.27 views

CVE-2026-26315 Go Ethereum Improperly Validates the ECIES Public Key in RLPx Handshake

go-ethereum Geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, through a flaw in the ECIES cryptography implementation, an attacker may be able to extract bits of the p2p node key. The issue is resolved in the v1.16.9 and v1.17.0 releases of Geth...

6.9CVSS0.00447EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/19 9:22 p.m.7 views

CVE-2026-26315 Go Ethereum Improperly Validates the ECIES Public Key in RLPx Handshake

go-ethereum Geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, through a flaw in the ECIES cryptography implementation, an attacker may be able to extract bits of the p2p node key. The issue is resolved in the v1.16.9 and v1.17.0 releases of Geth...

6.9CVSS5.7AI score0.00447EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/02/19 9:22 p.m.4 views

CVE-2026-26315

go-ethereum Geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, through a flaw in the ECIES cryptography implementation, an attacker may be able to extract bits of the p2p node key. The issue is resolved in the v1.16.9 and v1.17.0 releases of Geth...

7.5CVSS6.1AI score0.00447EPSS
Exploits0
NVD
NVD
added 2026/02/19 9:18 p.m.8 views

CVE-2026-26313

go-ethereum geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.17.0, an attacker can cause high memory usage by sending a specially-crafted p2p message. The issue is resolved in the v1.17.0 release...

7.5CVSS0.00578EPSS
Exploits0References2
Rows per page
Query Builder