Lucene search
K

1118 matches found

Vulnrichment
Vulnrichment
added 2026/05/29 5:14 p.m.12 views

CVE-2026-44697 Klever-Go MultiDataInterceptor: remote OOM via crafted compressed P2P payload

Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Batch.Decompress data/batch/batch.go allows any peer that participates in a topic served by MultiDataInterceptor to allocate multi-gigabyte heaps on...

8.6CVSS5.8AI score0.0038EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

Klever Blockchain 安全漏洞

Klever Blockchain is a high-performance blockchain network implemented by Klever in open source. Versions of Klever Blockchain prior to 1.7.17 contained security vulnerabilities. These vulnerabilities stemmed from a remote unauthenticated denial-of-service issue in the Batch.Decompress function...

8.6CVSS5.8AI score0.0038EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/05/28 12:0 a.m.16 views

DeepFake Forensics AI: A Multi-Modal Detection and Blockchain-Anchored Evidence Management Platform

The proliferation of AI-generated synthetic media poses a critical threat to the integrity of digital evidence in legal and forensic contexts. Existing deepfake detection systems typically address a single modality and provide no mechanism for tamper-proof evidence preservation. We present DeepFa...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/21 7:46 p.m.6 views

nimiq-block-production (>=0.1.0 <=0.2.0), nimiq-client (>=0.1.0 <=0.2.0) +6 more potentially affected by CVE-2026-46543 via nimiq-blockchain (>=0.1.0 <=0.2.0)

nimiq-blockchain CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2026-46543 Source advisory: OSV:GHSA-VGHX-352F-93JM...

5.3CVSS5.5AI score0.00291EPSS
Exploits0
OSV
OSV
added 2026/05/21 12:0 a.m.9 views

MAL-2026-4202 Malicious code in chain-key-validator (npm)

A coordinated supply-chain attack comprising 10 npm packages published by maintainer ddjidd5640 [email protected] within a 48-hour window 2026-05-19T03:55Z – 2026-05-21T04:31Z. All packages masquerade as legitimate Web3/DeFi developer security tools MCP servers while silently exfiltrating...

5.8AI score
Exploits0References16
NVD
NVD
added 2026/05/20 10:16 p.m.18 views

CVE-2026-40094

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and prior, network-libp2p discovery accepts signed PeerContact updates from untrusted peers and stores them in a peer contact book, eventually leading to address book crash. A PeerContact can...

4.3CVSS0.00302EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/20 10:0 p.m.15 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals an obfuscated payload designed to steal developer credentials during the package installation. The malicious versions are still available on the official package manager. Malware Behaviour The attac...

9.8CVSS5.8AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/20 9:27 p.m.10 views

CVE-2026-40094 nimiq-blockchain: network-libp2p untrusted peer can crash address book via empty peer contact addresses

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and prior, network-libp2p discovery accepts signed PeerContact updates from untrusted peers and stores them in a peer contact book, eventually leading to address book crash. A PeerContact can...

4.3CVSS5.8AI score0.00302EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/20 9:27 p.m.36 views

CVE-2026-40094 nimiq-blockchain: network-libp2p untrusted peer can crash address book via empty peer contact addresses

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and prior, network-libp2p discovery accepts signed PeerContact updates from untrusted peers and stores them in a peer contact book, eventually leading to address book crash. A PeerContact can...

4.3CVSS0.00302EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/20 9:27 p.m.14 views

CVE-2026-40094

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and prior, network-libp2p discovery accepts signed PeerContact updates from untrusted peers and stores them in a peer contact book, eventually leading to address book crash. A PeerContact can...

4.3CVSS5.8AI score0.00302EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/20 9:27 p.m.24 views

CVE-2026-40094

The CVE affects nimiq-blockchain (Rust). In versions up to 1.3.0, network-libp2p discovery accepts signed PeerContact updates from untrusted peers and stores them in a peer contact book; a PeerContact can have an empty addresses list. PeerContactBook::known_peers then builds the address book usin...

4.3CVSS5.8AI score0.00302EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/20 9:16 p.m.45 views

CVE-2026-40092 nimiq-keys: Unchecked Ed25519 signature length in TaggedPublicKey::verify causes remote node panic via DHT

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and below, a malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record. The maliciously crafted record would contain a TaggedSigned with a signature field...

7.5CVSS0.00626EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/20 9:16 p.m.7 views

CVE-2026-40092 nimiq-keys: Unchecked Ed25519 signature length in TaggedPublicKey::verify causes remote node panic via DHT

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and below, a malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record. The maliciously crafted record would contain a TaggedSigned with a signature field...

7.5CVSS5.9AI score0.00626EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/20 9:16 p.m.9 views

CVE-2026-40092

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and below, a malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record. The maliciously crafted record would contain a TaggedSigned with a signature field...

7.5CVSS5.9AI score0.00626EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/20 9:16 p.m.15 views

EUVD-2026-31197

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and below, a malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record. The maliciously crafted record would contain a TaggedSigned with a signature field...

7.5CVSS5.9AI score0.00626EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/05/15 12:0 a.m.9 views

Quantum Futures Interactive: A Live Demonstration of Post-Quantum Blockchain Security, Infrastructure Tradeoffs, and Sustainable Distributed Trust

Advances in quantum computing introduce long-term security challenges for widely deployed public-key cryptographic systems used across blockchain platforms and decentralized applications. Although post-quantum cryptography PQC standards are emerging, understanding quantum risk remains fragmented...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/09 12:0 a.m.18 views

Smart Contract Security beyond Detection

Smart contract security has progressed from vulnerability detection toward a broader research agenda that includes semantic reasoning, automated repair, adversarial robustness, and real-time exploit detection. This paper develops a capstone-oriented research narrative around four directions:...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/30 11:30 a.m.6 views

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center TRC in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and security analysts by impersonating...

6.8AI score
Exploits0
NVD
NVD
added 2026/04/22 8:16 p.m.5 views

CVE-2026-34066

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. Prior to version 1.3.0, HistoryStore::puthistorictxns uses an assert! to enforce invariants about HistoricTransaction.blocknumber must be within the macro block being pushed and within the same epoch. During histo...

5.3CVSS0.00242EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/22 7:47 p.m.33 views

CVE-2026-34066 nimiq-blockchain: Peer-triggerable panic during history sync

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. Prior to version 1.3.0, HistoryStore::puthistorictxns uses an assert! to enforce invariants about HistoricTransaction.blocknumber must be within the macro block being pushed and within the same epoch. During histo...

5.3CVSS0.00242EPSS
Exploits0References4
Rows per page
Query Builder