9 matches found
CVE-2026-40093
nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper...
EUVD-2026-21146
nimiq-blockchain is missing a wall-clock upper bound on block timestamps...
GHSA-49XC-52MP-CC9J nimiq-blockchain is missing a wall-clock upper bound on block timestamps
Impact Block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper bound check against the wall clock. A malicious block-producing validator can set block timestamps...
nimiq-blockchain is missing a wall-clock upper bound on block timestamps
Impact Block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper bound check against the wall clock. A malicious block-producing validator can set block timestamps...
CVE-2026-40093
nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper...
CVE-2026-40093 nimiq-blockchain is missing a wall-clock upper bound on block timestamps
nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper...
CVE-2026-40093
The CVE describes a wall-clock upper bound omission in Nimiq’s block timestamp validation for the nimiq-blockchain Rust implementation (1.3.0 and earlier). Specifically, non-skip blocks enforce timestamp >= parent.timestamp and skip blocks enforce timestamp == parent.timestamp + MIN_PRODUCER_T...
CVE-2026-40093 nimiq-blockchain is missing a wall-clock upper bound on block timestamps
nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper...
core-rs-albatross 安全漏洞
core-rs-albatross is a Rust implementation of the Albatross protocol developed by Nimiq. Versions of core-rs-albatross 1.3.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a lack of upper limit checks on block timestamps, allowing malicious validators to set...