Lucene search
K

19 matches found

Cvelist
Cvelist
added 2026/06/10 9:9 p.m.32 views

CVE-2026-45783 libp2p: Unvalidated PUT_VALUE records allow unbounded disk exhaustion on DHT server nodes

libp2p is a JavaScript Implementation of libp2p networking stack. Prior to version 16.2.6, an unauthenticated remote peer can exhaust the disk storage of any @libp2p/kad-dht node running in server mode by sending an unbounded stream of PUTVALUE messages whose keys bypass all content validation. N...

7.5CVSS0.00354EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.9 views

CVE-2026-40092

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and below, a malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record. The maliciously crafted record would contain a TaggedSigned with a signature field...

7.5CVSS5.6AI score0.00626EPSS
Exploits0References1
NVD
NVD
added 2026/05/20 10:16 p.m.26 views

CVE-2026-40092

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and below, a malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record. The maliciously crafted record would contain a TaggedSigned with a signature field...

7.5CVSS0.00626EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/20 9:16 p.m.9 views

CVE-2026-40092

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and below, a malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record. The maliciously crafted record would contain a TaggedSigned with a signature field...

7.5CVSS5.9AI score0.00626EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.15 views

Nimiq 安全漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq 1.3.0 and earlier contain security vulnerabilities. These vulnerabilities stem from malicious network peer nodes publishing specially crafted Kademlia DHT records where the length of the signature field is...

7.5CVSS5.8AI score0.00626EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.20 views

PT-2026-41387

Name of the Vulnerable Software and Affected Versions nimiq-blockchain versions prior to 1.4.0 Description A malicious network peer can crash a Nimiq full node by publishing a crafted Kademlia DHT record. The record contains a TaggedSigned with a signature field whose byte length is not exactly 6...

7.5CVSS5.9AI score0.00626EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 5:38 a.m.6 views

CVE-2023-26248

The Kademlia DHT go-libp2p-kad-dht 0.20.0 and earlier used in IPFS 0.18.1 and earlier assigns routing information for content i.e., information about who holds the content to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content...

5.3CVSS6.5AI score0.00201EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/12/21 1:15 a.m.5 views

SUSE CVE-2023-26248

The Kademlia DHT go-libp2p-kad-dht 0.20.0 and earlier used in IPFS 0.18.1 and earlier assigns routing information for content i.e., information about who holds the content to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content...

5.3CVSS6.5AI score0.00201EPSS
Exploits0References3
OSV
OSV
added 2024/12/12 3:16 p.m.6 views

GO-2024-3218 Content Censorship in the InterPlanetary File System (IPFS) via Kademlia DHT abuse in github.com/libp2p/go-libp2p-kad-dht

Content Censorship in the InterPlanetary File System IPFS via Kademlia DHT abuse in github.com/libp2p/go-libp2p-kad-dht...

5.3CVSS5.2AI score0.00201EPSS
Exploits0References2
OSV
OSV
added 2024/10/25 6:30 p.m.10 views

GHSA-MQR9-HJR8-2M9W Content Censorship in the InterPlanetary File System (IPFS) via Kademlia DHT abuse

The Kademlia DHT go-libp2p-kad-dht 0.20.0 and earlier used in IPFS 0.18.1 and earlier assigns routing information for content i.e., information about who holds the content to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content...

5.3CVSS5AI score0.00201EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/10/25 6:30 p.m.11 views

Content Censorship in the InterPlanetary File System (IPFS) via Kademlia DHT abuse

The Kademlia DHT go-libp2p-kad-dht 0.20.0 and earlier used in IPFS 0.18.1 and earlier assigns routing information for content i.e., information about who holds the content to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content...

5.3CVSS6.2AI score0.00201EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/10/25 4:15 p.m.17 views

CVE-2023-26248

The Kademlia DHT go-libp2p-kad-dht 0.20.0 and earlier used in IPFS 0.18.1 and earlier assigns routing information for content i.e., information about who holds the content to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content...

5.3CVSS0.00201EPSS
Exploits0References2
OSV
OSV
added 2024/10/25 4:15 p.m.4 views

CVE-2023-26248

The Kademlia DHT go-libp2p-kad-dht 0.20.0 and earlier used in IPFS 0.18.1 and earlier assigns routing information for content i.e., information about who holds the content to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content...

5.3CVSS5.8AI score0.00201EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/25 12:0 a.m.19 views

CVE-2023-26248

The Kademlia DHT go-libp2p-kad-dht 0.20.0 and earlier used in IPFS 0.18.1 and earlier assigns routing information for content i.e., information about who holds the content to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content...

0.00201EPSS
Exploits0References2
CVE
CVE
added 2024/10/25 12:0 a.m.70 views

CVE-2023-26248

CVE-2023-26248 describes a content-censorship vulnerability in the Kademlia DHT used by IPFS (go-libp2p-kad-dht 0.20.0 and earlier; IPFS 0.18.1 and earlier). The issue arises because routing information for content can be stored by peers whose DHT distance to the content ID is small, enabling an ...

5.3CVSS6AI score0.00201EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/25 12:0 a.m.7 views

PT-2024-12089 · Ipfs +1 · Ipfs +1

Name of the Vulnerable Software and Affected Versions: go-libp2p-kad-dht versions 0.20.0 and earlier IPFS versions 0.18.1 and earlier Description: The issue allows an attacker to censor content in the InterPlanetary File System IPFS by exploiting the Kademlia DHT. This is done by generating many...

9.8CVSS5.9AI score0.89633EPSS
Exploits15References31
Vulnrichment
Vulnrichment
added 2024/10/25 12:0 a.m.12 views

CVE-2023-26248

The Kademlia DHT go-libp2p-kad-dht 0.20.0 and earlier used in IPFS 0.18.1 and earlier assigns routing information for content i.e., information about who holds the content to be stored by peers whose peer IDs have a small DHT distance from the content ID. This allows an attacker to censor content...

6.5AI score0.00201EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.165 views

Gather Kademlia Server Information

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gather Kademlia Server Information', 'Description' = %q This module uses the Kademlia BOOTSTRAP and PING messages to identify and extract...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2014/11/20 9:28 p.m.32 views

Gather Kademlia Server Information

This module uses the Kademlia BOOTSTRAP and PING messages to identify and extract information from Kademlia speaking UDP endpoints, typically belonging to eMule/eDonkey/BitTorrent servers or other P2P applications. This module requires Metasploit: https://metasploit.com/download Current source:...

0.3AI score
Exploits0
Rows per page
Query Builder