CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

538 matches found

CVE-2026-46540

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, when LightBlockchain::rebranch adopts a fork chain whose tip is a macro block checkpoint or election, it only updates self.head but fails to update self.macrohea...

6.5CVSS5.3AI score0.00037EPSS

Exploits0References1

NVD•added 2 days ago•8 views

CVE-2026-46540

6.5CVSS0.00037EPSS

Exploits0References3

CVE•added 3 days ago•6 views

CVE-2026-46540

Nimiq light-blockchain (Rust, Albatross) had a bug in LightBlockchain::rebranch() before v1.4.0: when forking to a macro-block tip (checkpoint or election), it updated only head and did not refresh macro_head, election_head, current_validators, or store the election header. This mismatch with the...

6.5CVSS5.3AI score0.00037EPSS

Exploits0References3

EUVD•added 3 days ago•5 views

EUVD-2026-35881

6.5CVSS5.3AI score0.00037EPSS

Exploits0References3

Vulnrichment•added 3 days ago•4 views

CVE-2026-46540 Nimiq light-blockchain: Light blockchain rebranch issue

6.5CVSS5.3AI score0.00037EPSS

Exploits0References3

Cvelist•added 3 days ago•30 views

CVE-2026-46540 Nimiq light-blockchain: Light blockchain rebranch issue

6.5CVSS0.00037EPSS

Exploits0References3

Vulnrichment•added 3 days ago•3 views

CVE-2026-46539 nimiq-primitives: BlockInclusionProof interlink issue when hops are empty

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, a logic flaw in BlockInclusionProof::isblockproven causes the function to return true without performing any cryptographic verification when getinterlinkhops...

5.9CVSS5.4AI score0.00014EPSS

Exploits0References3

Positive Technologies•added 3 days ago•7 views

PT-2026-48331

6.5CVSS5.3AI score0.00037EPSS

Exploits0References4

RedhatCVE•added last week•6 views

CVE-2026-34065

nimiq-primitives contains primitives e.g., block, account, transaction to be used in Nimiq's Rust implementation. Prior to version 1.3.0, an untrusted p2p peer can cause a node to panic by announcing an election macro block whose validators set contains an invalid compressed BLS voting key. Hashi...

7.5CVSS5.4AI score0.00052EPSS

Exploits0References1

OSV•added 2026/05/21 7:38 p.m.•8 views

GHSA-799F-29JM-GR6C nimiq-primitives: BlockInclusionProof interlink issue when hops are empty

Impact A logic flaw in BlockInclusionProof::isblockproven causes the function to return true without performing any cryptographic verification when getinterlinkhops yields an empty hop list. This occurs when the target block is at the election block position immediately preceding the election...

5.9CVSS5.8AI score0.00014EPSS

Exploits0References6

Positive Technologies•added 2026/05/21 12:0 a.m.•6 views

PT-2026-42602

Impact A logic flaw in BlockInclusionProof::is block proven causes the function to return true without performing any cryptographic verification when get interlink hops yields an empty hop list. This occurs when the target block is at the election block position immediately preceding the election...

5.9CVSS5.8AI score

Exploits0References6

Positive Technologies•added 2026/05/21 12:0 a.m.•7 views

PT-2026-42669

Name of the Vulnerable Software and Affected Versions Nimiq versions prior to 1.4.0 Description A logic flaw in the is block proven function within BlockInclusionProof allows the function to return true without performing cryptographic verification when get interlink hops returns an empty hop lis...

5.9CVSS5.5AI score0.00014EPSS

Exploits0References7

Microsoft Secure•added 2026/05/14 3:0 p.m.•9 views

Kazuar: Anatomy of a nation-state botnet

In this article 1. Delivery 2. Module types 3. Botnet operations 4. Who is Secret Blizzard? 5. Mitigation and protection guidance 6. Microsoft Defender detections Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for...

6.1AI score

Exploits0

NVD•added 2026/04/22 8:16 p.m.•1 views

CVE-2026-34065

7.5CVSS0.00052EPSS

Exploits0References4

Vulnrichment•added 2026/04/22 7:45 p.m.•3 views

CVE-2026-34065 nimiq-primitives: Node crash due to missing interlink validation in election macro block proposals

7.5CVSS5.7AI score0.00052EPSS

Exploits0References4

CVE•added 2026/04/22 7:45 p.m.•5 views

CVE-2026-34065

CVE-2026-34065 affects nimiq-primitives in Nimiq’s Rust implementation. Before version 1.3.0, an untrusted p2p peer could cause a node to panic by announcing an election macro block whose validators set includes an invalid compressed BLS voting key. Hashing the election macro header hashes the va...

7.5CVSS5.7AI score0.00052EPSS

Exploits0References4Affected Software1

ATTACKERKB•added 2026/04/22 7:45 p.m.•2 views

CVE-2026-34065

7.5CVSS5.7AI score0.00052EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/04/22 7:45 p.m.•24 views

CVE-2026-34065 nimiq-primitives: Node crash due to missing interlink validation in election macro block proposals

7.5CVSS0.00052EPSS

Exploits0References4

EUVD•added 2026/04/22 7:19 p.m.•0 views

EUVD-2026-25062

nimiq-primitives: Node crash due to missing interlink validation in election macro block proposals...

7.5CVSS5.7AI score0.00052EPSS

Exploits0References4

OSV•added 2026/04/22 7:19 p.m.•1 views

GHSA-7C4J-2M43-2MGH nimiq-primitives: Node crash due to missing interlink validation in election macro block proposals

Impact An untrusted p2p peer can cause a node to panic by announcing an election macro block whose validators set contains an invalid compressed BLS voting key. Hashing an election macro header hashes validators and reaches Validators::votingkeys, which calls validator.votingkey.uncompress.unwrap...

7.5CVSS5.8AI score0.00052EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by