CVE-2026-41583 ZEBRA: Consensus Divergence in Transparent Sighash Hash-Type Handling

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-script version 5.0.2, after a refactoring, Zebra failed to validate a consensus rule that restricted the possible values of sighash hash types for V5 transactions which were enabled in the NU5 network...

PT-2026-38618

Name of the Vulnerable Software and Affected Versions Zebra versions 4.3.1 through 4.3.1 Description Insufficient error handling during sighash computation can lead to consensus divergence. When an invalid sighash type is encountered, the system fails to return an error, leaving the input sighash...

CVE-2026-35679

Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, which potentially could have resulted in the draining of user funds from the Sprout pool. It was sometimes not verifying Sprout proofs...

PT-2026-30508

Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, which potentially could have resulted in the draining of user funds from the Sprout pool. It was sometimes not verifying Sprout proofs...

CVE-2020-8806

Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not properly enforced...

Electric Coin Company Zcashd Security Breach

Zcash is a decentralized open source data currency. Electric Coin Company Zcashd before 2.1.1-1 suffers from a security vulnerability that allows an attacker to trigger a consensus failure and double spend...