Lucene search
K

8 matches found

CVE
CVE
added 2026/06/09 11:45 p.m.18 views

CVE-2026-46541

CVE-2026-46541 (Nimiq network-libp2p): Before 1.4.0, DHT handling in handle_dht_get() sometimes did not initialize the DhtResults accumulator if the first DHT record failed verification. This caused all subsequent valid records to be discarded with “DHT inconsistent state” errors, enabling potent...

7.5CVSS5.4AI score0.00346EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 11:44 p.m.32 views

CVE-2026-44505 Nimiq network-libp2p: Untrusted peer can wedge DHT

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. network-libp2p handles kad get-record query progress in handledhtget network-libp2p/src/swarm.rs. Prior to version 1.4.0, when a peer returns a FoundRecord, the code verifies the record...

5.3CVSS0.00297EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/22 7:40 p.m.3 views

EUVD-2026-25058

Nimiq's network-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, network-libp2p discovery uses a libp2p ConnectionHandler state machine. the handler assumes there is at most one inbound and one outbound discovery substream per connection. if a remote peer...

7.5CVSS5.8AI score0.00352EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/04/22 7:23 p.m.9 views

nimiq-block-production (>=0.1.0 <=0.2.0), nimiq-client (>=0.1.0 <=0.2.0) +6 more potentially affected by CVE-2026-34066 via nimiq-blockchain (>=0.1.0 <=0.2.0)

nimiq-blockchain CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2026-34066 Source advisory: OSV:GHSA-J99G-7RQW-Q9JG...

5.3CVSS5.8AI score0.00242EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/22 7:13 p.m.10 views

nimiq-accounts (>=0.1.0 <=0.2.0), nimiq-block-production (>=0.1.0 <=0.2.0) +11 more potentially affected by CVE-2026-33471 via nimiq-block (>=0.1.0 <=0.2.0)

nimiq-block CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2026-33471 Source advisory: OSV:GHSA-6973-8887-87FF...

9.6CVSS5.8AI score0.00217EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.10 views

PT-2026-34544

Nimiq's network-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, network-libp2p discovery uses a libp2p ConnectionHandler state machine. the handler assumes there is at most one inbound and one outbound discovery substream per connection. if a remote peer...

7.5CVSS5.8AI score0.00352EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/05/12 10:47 a.m.21 views

CVE-2025-47270 nimiq-network-libp2p Uncontrolled Resource Consumption vulnerability

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. The nimiq-network-libp2p subcrate of nimiq/core-rs-albatross is vulnerable to a Denial of Service DoS attack due to uncontrolled memory allocation. Specifically, the...

7.5CVSS0.00613EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/05/12 10:47 a.m.10 views

CVE-2025-47270 nimiq-network-libp2p Uncontrolled Resource Consumption vulnerability

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. The nimiq-network-libp2p subcrate of nimiq/core-rs-albatross is vulnerable to a Denial of Service DoS attack due to uncontrolled memory allocation. Specifically, the...

7.5CVSS7.7AI score0.00613EPSS
Exploits0References4
Rows per page
Query Builder