CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29 matches found

CVE•added 2026/06/09 11:47 p.m.•15 views

CVE-2026-46543

CVE-2026-46543 (Nimiq blockchain) affects the Rust implementation

5.3CVSS5.5AI score0.00291EPSS

Exploits0References3

Vulnrichment•added 2026/06/09 11:47 p.m.•6 views

CVE-2026-46543 nimiq-blockchain: Genesis batch set request

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote peer can crash any full node by sending a RequestBatchSet message containing the genesis block's hash. The handler calls getepochchunks which iterates...

5.3CVSS5.5AI score0.00291EPSS

Exploits0References3

EUVD•added 2026/06/09 11:45 p.m.•5 views

EUVD-2026-35882

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, iIn handledhtget, the DhtResults accumulator is only initialized when the first DHT record passes verification. If the first record fails from a malicious DHT...

7.5CVSS5.4AI score0.00346EPSS

Exploits0References3

RedhatCVE•added 2026/06/05 7:13 p.m.•5 views

CVE-2026-40092

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and below, a malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record. The maliciously crafted record would contain a TaggedSigned with a signature field...

7.5CVSS5.6AI score0.00626EPSS

Exploits0References1

vulnersOsv•added 2026/05/21 7:46 p.m.•3 views

nimiq-block-production (>=0.1.0 <=0.2.0), nimiq-client (>=0.1.0 <=0.2.0) +6 more potentially affected by CVE-2026-46543 via nimiq-blockchain (>=0.1.0 <=0.2.0)

nimiq-blockchain CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2026-46543 Source advisory: OSV:GHSA-VGHX-352F-93JM...

5.3CVSS5.5AI score0.00291EPSS

Exploits0

NVD•added 2026/05/20 10:16 p.m.•15 views

CVE-2026-40094

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and prior, network-libp2p discovery accepts signed PeerContact updates from untrusted peers and stores them in a peer contact book, eventually leading to address book crash. A PeerContact can...

4.3CVSS0.00302EPSS

Exploits0References3

Cvelist•added 2026/05/20 9:27 p.m.•31 views

CVE-2026-40094 nimiq-blockchain: network-libp2p untrusted peer can crash address book via empty peer contact addresses

4.3CVSS0.00302EPSS

Exploits0References3

Vulnrichment•added 2026/05/20 9:27 p.m.•6 views

CVE-2026-40094 nimiq-blockchain: network-libp2p untrusted peer can crash address book via empty peer contact addresses

4.3CVSS5.8AI score0.00302EPSS

Exploits0References3

ATTACKERKB•added 2026/05/20 9:27 p.m.•7 views

CVE-2026-40094

4.3CVSS5.8AI score0.00302EPSS

Exploits0References4Affected Software1

CVE•added 2026/05/20 9:27 p.m.•18 views

CVE-2026-40094

The CVE affects nimiq-blockchain (Rust). In versions up to 1.3.0, network-libp2p discovery accepts signed PeerContact updates from untrusted peers and stores them in a peer contact book; a PeerContact can have an empty addresses list. PeerContactBook::known_peers then builds the address book usin...

4.3CVSS5.8AI score0.00302EPSS

Exploits0References3

Vulnrichment•added 2026/05/20 9:16 p.m.•4 views

CVE-2026-40092 nimiq-keys: Unchecked Ed25519 signature length in TaggedPublicKey::verify causes remote node panic via DHT

7.5CVSS5.9AI score0.00626EPSS

Exploits0References4

EUVD•added 2026/05/20 9:16 p.m.•12 views

EUVD-2026-31197

7.5CVSS5.9AI score0.00626EPSS

Exploits0References4

ATTACKERKB•added 2026/05/20 9:16 p.m.•5 views

CVE-2026-40092

7.5CVSS5.9AI score0.00626EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/05/20 9:16 p.m.•37 views

CVE-2026-40092 nimiq-keys: Unchecked Ed25519 signature length in TaggedPublicKey::verify causes remote node panic via DHT

7.5CVSS0.00626EPSS

Exploits0References4

NVD•added 2026/04/22 8:16 p.m.•2 views

CVE-2026-34066

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. Prior to version 1.3.0, HistoryStore::puthistorictxns uses an assert! to enforce invariants about HistoricTransaction.blocknumber must be within the macro block being pushed and within the same epoch. During histo...

5.3CVSS0.00242EPSS

Exploits0References4

CVE•added 2026/04/22 7:47 p.m.•4 views

CVE-2026-34066

The CVE affects the nimiq-blockchain Rust implementation. Before v1.3.0, HistoryStore::put_historic_txns asserts invariants on HistoricTransaction.block_number (must be within the macro block and same epoch). During history sync, a peer can influence the history input to Blockchain::push_history_...

5.3CVSS5.7AI score0.00242EPSS

Exploits0References4Affected Software1

ATTACKERKB•added 2026/04/22 7:47 p.m.•4 views

CVE-2026-34066

5.3CVSS5.7AI score0.00242EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2026/04/22 7:47 p.m.•2 views

CVE-2026-34066 nimiq-blockchain: Peer-triggerable panic during history sync

5.3CVSS5.7AI score0.00242EPSS

Exploits0References4

Cvelist•added 2026/04/22 7:47 p.m.•25 views

CVE-2026-34066 nimiq-blockchain: Peer-triggerable panic during history sync

5.3CVSS0.00242EPSS

Exploits0References4

vulnersOsv•added 2026/04/22 7:23 p.m.•6 views

nimiq-block-production (>=0.1.0 <=0.2.0), nimiq-client (>=0.1.0 <=0.2.0) +6 more potentially affected by CVE-2026-34066 via nimiq-blockchain (>=0.1.0 <=0.2.0)

nimiq-blockchain CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2026-34066 Source advisory: OSV:GHSA-J99G-7RQW-Q9JG...

5.3CVSS5.8AI score0.00242EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by