CVE-2026-44498

ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit MAXBLOCKSIGOPS, allowing it to accept blocks that zcashd rejects with bad-blk-sigops. A miner who produces such a block...

zebra 安全漏洞

Zebra is an open-source implementation of Zcash full node written in Rust by the Zcash Foundation. Versions of Zebra prior to 4.4.0 contained a security vulnerability, which was caused by a combined denial-of-service vulnerability in the block discovery pipeline. This vulnerability could allow...

Zebra Vulnerable to Allocation Amplification in Inbound Network Deserializers

CVE-2026-44500: Allocation Amplification in Inbound Network Deserializers Summary Several inbound deserialization paths in Zebra allocated buffers sized against generic transport or block-size ceilings before the tighter protocol or consensus limits were enforced. An unauthenticated or...

GHSA-438Q-JX8F-CCCV Zebra Vulnerable to Allocation Amplification in Inbound Network Deserializers

CVE-2026-44500: Allocation Amplification in Inbound Network Deserializers Summary Several inbound deserialization paths in Zebra allocated buffers sized against generic transport or block-size ceilings before the tighter protocol or consensus limits were enforced. An unauthenticated or...

Zebra Vulnerable to Consensus Divergence in Transparent Sighash Hash-Type Handling

CVE-2026-41583: Consensus Divergence in Transparent Sighash Hash-Type Handling Summary After a refactoring, Zebra failed to validate a consensus rule that restricted the possible values of sighash hash types for V5 transactions which were enabled in the NU5 network upgrade. Zebra nodes could thus...

zebra 数据伪造问题漏洞

Zebra is an open-source implementation of Zcash full node written in Rust by the Zcash Foundation. Zebra has a vulnerability related to data forgery, which stems from logical errors in the transaction verification cache. This vulnerability could allow malicious miners to manipulate consensus...

zebra 安全漏洞

Zebra is an open-source Zcash implementation built using Rust by the Zcash Foundation. There is a security vulnerability in Zebra, which stems from vulnerabilities in the transaction processing logic of Zebra. This vulnerability could allow remote, unauthenticated attackers to cause Zebra nodes t...

PT-2026-28604

Name of the Vulnerable Software and Affected Versions Zebra versions prior to 4.3.0 Description A flaw exists in Zebra’s transaction processing logic that allows a remote, unauthenticated attacker to cause a Zebra node to crash. This is triggered by sending a specially crafted V5 transaction that...

EUVD-2003-0786

Malware in sbrugna...

CVE-2003-0858

Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface...

CVE-2003-0795

The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service crash via a malformed telnet command to the telnet CLI port, which may trigger a null...

CVE-2003-0858

Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface...

CVE-2003-0795

The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service crash via a malformed telnet command to the telnet CLI port, which may trigger a null...

Quagga remote vulnerability

Summary: -------- All versions of Quagga and also GNU Zebra, from which Quagga was forked are vulnerable to a remotely triggerable denial of service. Scope of vulnerability: ----------------------- All versions of GNU Zebra and all versions of Quagga /prior/ to 0.96.4, where a daemon's vty, ie th...

security flaw

Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface...

GNU Zebra 0.9x / Quagga 0.96 - Remote Denial of Service

source: https://www.securityfocus.com/bid/9029/info It has been reported that Zebra, as well as Quagga, may be vulnerable to a remote denial of service vulnerability that may allow an attacker to cause the software to crash or hang. The issue is reported to occur if an attacker attempts to connec...

GNU Zebra 0.9x Quagga 0.96 - Remote Denial of Service

GNU Zebra 0.9x Quagga 0.96 - Remote Denial of Service source: https://www.securityfocus.com/bid/9029/info It has been reported that Zebra, as well as Quagga, may be vulnerable to a remote denial of service vulnerability that may allow an attacker to cause the software to crash or hang. The issue ...