CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/11 2:59 a.m.•8 views

CVE-2026-46539

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, a logic flaw in BlockInclusionProof::isblockproven causes the function to return true without performing any cryptographic verification when getinterlinkhops...

5.9CVSS5.4AI score0.0015EPSS

RedhatCVE•added 2026/06/11 2:59 a.m.•10 views

CVE-2026-46542

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, a denial-of-service vulnerability exists in the Ed25519 multisig delinearization code path. Ed25519PublicKey::delinearize in keys/src/multisig/mod.rs called...

4.3CVSS5.5AI score0.00231EPSS

RedhatCVE•added 2026/06/11 2:59 a.m.•9 views

CVE-2026-44505

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. network-libp2p handles kad get-record query progress in handledhtget network-libp2p/src/swarm.rs. Prior to version 1.4.0, when a peer returns a FoundRecord, the code verifies the record...

5.3CVSS5.5AI score0.00297EPSS

RedhatCVE•added 2026/06/11 2:59 a.m.•8 views

CVE-2026-46541

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, iIn handledhtget, the DhtResults accumulator is only initialized when the first DHT record passes verification. If the first record fails from a malicious DHT...

7.5CVSS5.4AI score0.00346EPSS

NVD•added 2026/06/10 12:16 a.m.•7 views

CVE-2026-46539

5.9CVSS0.0015EPSS

NVD•added 2026/06/10 12:16 a.m.•11 views

CVE-2026-46542

4.3CVSS0.00231EPSS

NVD•added 2026/06/10 12:16 a.m.•16 views

CVE-2026-46545

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::putchunk allows any state-sync peer to crash any node performing state...

7.5CVSS0.00339EPSS

NVD•added 2026/06/10 12:16 a.m.•10 views

CVE-2026-46541

7.5CVSS0.00346EPSS

NVD•added 2026/06/10 12:16 a.m.•9 views

CVE-2026-46543

5.3CVSS0.00291EPSS

CNNVD•added 2026/06/10 12:0 a.m.•12 views

Nimiq 安全漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.5.0 contained a security vulnerability. This vulnerability occurred when processing RequestBatchSet messages that contained the hash of the genesis block, causing Policy::macroblockbefore to cra...

5.3CVSS5.3AI score0.00291EPSS

CNNVD•added 2026/06/10 12:0 a.m.•8 views

Nimiq 安全漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.4.0 contained a security vulnerability. This vulnerability stemmed from the call to .unwrap during the delinearize function in Ed25519PublicKey::delinearize. When the public key was constructed...

4.3CVSS5.3AI score0.00231EPSS

CNNVD•added 2026/06/10 12:0 a.m.•9 views

Nimiq 数据伪造问题漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.4.0 had a data manipulation vulnerability. This vulnerability stems from a logical flaw in the BlockInclusionProof::isblockproven function, causing it to return true without performing any...

5.9CVSS5.2AI score0.0015EPSS

CNNVD•added 2026/06/10 12:0 a.m.•7 views

Nimiq 安全漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.5.0 contained a security vulnerability. This vulnerability stemmed from the use of MerkleRadixTrie::putchunk, which allowed remote unauthenticated attackers to cause nodes that synchronize...

7.5CVSS5.7AI score0.00339EPSS

CNNVD•added 2026/06/10 12:0 a.m.•4 views

Nimiq 代码问题漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.4.0 had code vulnerabilities. These vulnerabilities stemmed from the DhtResults accumulator in handledhtget, which was only initialized when the first DHT record passed validation. This allowed...

7.5CVSS5.3AI score0.00346EPSS

CNNVD•added 2026/06/10 12:0 a.m.•10 views

Nimiq 安全漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.4.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of LightBlockchain::rebranch, which only updated self.head when a fork chain was adopted, without updating...

6.5CVSS5.4AI score0.00259EPSS

CNNVD•added 2026/06/10 12:0 a.m.•10 views

Nimiq 安全漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Prior versions of the Nimiq network-libp2p 1.4.0 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of the kad get-record query, where incorrect validation of records resulted in...

5.3CVSS5.3AI score0.00297EPSS

CVE•added 2026/06/09 11:47 p.m.•17 views

CVE-2026-46545

Summary: CVE-2026-46545 affects the Nimiq core-rs-albatross project (MerkleRadixTrie::put_chunk) and causes a remote, unauthenticated denial-of-service by a malicious state-sync peer sending a ROOT-keyed item in a ResponseChunk; upon put_raw attempting to store at the root, it panics with RootCan...

7.5CVSS5.4AI score0.00339EPSS