CVE-2026-44714

The bitcoinj library is a Java implementation of the Bitcoin protocol. Prior to 0.17.1, ScriptExecution.correctlySpends contains two fast-path verification bugs for standard P2PKH and native P2WPKH spends in core/src/main/java/org/bitcoinj/script/ScriptExecution.java. In both branches, bitcoinj...

CVE-2026-44714

The bitcoinj library is a Java implementation of the Bitcoin protocol. Prior to 0.17.1, ScriptExecution.correctlySpends contains two fast-path verification bugs for standard P2PKH and native P2WPKH spends in core/src/main/java/org/bitcoinj/script/ScriptExecution.java. In both branches, bitcoinj...

EUVD-2026-30571

The bitcoinj library is a Java implementation of the Bitcoin protocol. Prior to 0.17.1, ScriptExecution.correctlySpends contains two fast-path verification bugs for standard P2PKH and native P2WPKH spends in core/src/main/java/org/bitcoinj/script/ScriptExecution.java. In both branches, bitcoinj...

CVE-2026-44714

CVE-2026-44714 affects the bitcoinj Java library prior to 0.17.1. The issue lives in ScriptExecution.correctlySpends() and creates two fast-path verification bugs for P2PKH and native P2WPKH spends. In both paths, the code validates an attacker-controlled signature/public-key pair but does not ve...

CVE-2026-44714

The bitcoinj library is a Java implementation of the Bitcoin protocol. Prior to 0.17.1, ScriptExecution.correctlySpends contains two fast-path verification bugs for standard P2PKH and native P2WPKH spends in core/src/main/java/org/bitcoinj/script/ScriptExecution.java. In both branches, bitcoinj...

CVE-2026-44714 bitcoinj: ScriptExecution P2PKH/P2WPKH Verification Bypass

The bitcoinj library is a Java implementation of the Bitcoin protocol. Prior to 0.17.1, ScriptExecution.correctlySpends contains two fast-path verification bugs for standard P2PKH and native P2WPKH spends in core/src/main/java/org/bitcoinj/script/ScriptExecution.java. In both branches, bitcoinj...

CVE-2026-44714 bitcoinj: ScriptExecution P2PKH/P2WPKH Verification Bypass

The bitcoinj library is a Java implementation of the Bitcoin protocol. Prior to 0.17.1, ScriptExecution.correctlySpends contains two fast-path verification bugs for standard P2PKH and native P2WPKH spends in core/src/main/java/org/bitcoinj/script/ScriptExecution.java. In both branches, bitcoinj...

bitcoinj 数据伪造问题漏洞

Bitcoinj is an open-source Java implementation of a Bitcoin protocol library, supporting wallet management and transaction sending/ receiving. Versions of Bitcoinj prior to 0.17.1 had a data manipulation vulnerability. This vulnerability stems from defects in the fast path validation mechanism in...

bitcoinj has a ScriptExecution P2PKH/P2WPKH Verification Bypass

Summary ScriptExecution.correctlySpends contains two fast-path verification bugs for standard P2PKH and native P2WPKH spends in core/src/main/java/org/bitcoinj/script/ScriptExecution.java. In both branches, bitcoinj verifies an attacker-controlled signature/public-key pair but fails to verify tha...

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the correctlySpends process. An attacker can bypass output verification by supplying a crafted signature and public key pair, allowing unauthorized transaction validation. Remediation...

app.cash.bittycity:outie (=0.0.1), app.cash.bittycity:outie-jooq-provider (=0.0.1) +173 more potentially affected by CVE-2026-44714 via org.bitcoinj:bitcoinj-core (>=0.15.10 <=0.17-beta1)

org.bitcoinj:bitcoinj-core MAVEN version =0.15.10, =0.0.1, =0.1.0-M36, =0.1.0-M26, =0.1.1-alpha, =4.0.1911, =6.0.2, =6.1.0, =0.1.0, =1.0.1, =0.5.0, =1.0.0, =0.2, =0.13 and more Source cves: CVE-2026-44714 Source advisory: OSV:GHSA-HFCF-V2F8-X9PC...

app.cash.bittycity:outie (=0.0.1), app.cash.bittycity:outie-jooq-provider (=0.0.1) +173 more potentially affected by CVE-2026-44714 via org.bitcoinj:bitcoinj-core (>=0.15.10 <=0.17-beta1)

org.bitcoinj:bitcoinj-core MAVEN version =0.15.10, =0.0.1, =0.1.0-M36, =0.1.0-M26, =0.1.1-alpha, =4.0.1911, =6.0.2, =6.1.0, =0.1.0, =1.0.1, =0.5.0, =1.0.0, =0.2, =0.13 and more Source cves: CVE-2026-44714 Source advisory: SNYK:JAVA-ORGBITCOINJ-16726407...

GHSA-HFCF-V2F8-X9PC bitcoinj has a ScriptExecution P2PKH/P2WPKH Verification Bypass

Summary ScriptExecution.correctlySpends contains two fast-path verification bugs for standard P2PKH and native P2WPKH spends in core/src/main/java/org/bitcoinj/script/ScriptExecution.java. In both branches, bitcoinj verifies an attacker-controlled signature/public-key pair but fails to verify tha...

PT-2026-39293

Summary ScriptExecution.correctlySpends contains two fast-path verification bugs for standard P2PKH and native P2WPKH spends in core/src/main/java/org/bitcoinj/script/ScriptExecution.java. In both branches, bitcoinj verifies an attacker-controlled signature/public-key pair but fails to verify tha...

Denial Of Service (DoS)

bitcoinj-core is vulnerable to denial-of-service DoS attacks. The vulnerability exists as it does not check for the amount of transactions being parsed, allowing attackers to send trillions of transactions as inputs to cause a DoS attack...