CVE-2026-34069

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. In versions 1.2.2 and below, an unauthenticated p2p peer can cause the RequestMacroChain message handler task to panic. Sending a RequestMacroChain message where the...

GHSA-48M6-486P-9J8P nimiq-consensus panics via RequestMacroChain micro-block locator

Impact An unauthenticated p2p peer can cause the RequestMacroChain message handler task to panic by sending a RequestMacroChain message where the first locator hash that is on the victim’s main chain is a micro block hash not a macro block hash. In RequestMacroChain::handle, the handler selects t...

ckb: Transaction header_deps validation issue (network forking)

Impact fn HeaderCheckercheckvalid skipped main chain checking after this PR: https://github.com/nervosnetwork/ckb/pull/1646/filesdiff-c4e017b67c1b3005ca0c446a9b0879571aa36a858b1f7ddd1b9328a884e3214bR171-R176 It will cause network forking if one transaction is using a forked block header which is...

PT-2022-28210 · Ckb · Ckb

Name of the Vulnerable Software and Affected Versions: ckb versions prior to 0.101.1 Description: The issue arises from the HeaderCheckercheck valid function skipping main chain checking, which can lead to network forking if a transaction uses a forked block header not present in the local node's...

Go Ethereum allows attackers to use manipulation of time-difference values to achieve replacement of main-chain blocks

Go Ethereum aka geth through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making RUM, as exploited in the wild in 2020 through 2022...

CVE-2022-37450

Go Ethereum aka geth through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making RUM, as exploited in the wild in 2020 through 2022...

Design/Logic Flaw

Go Ethereum aka geth through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making RUM, as exploited in the wild in 2020 through 2022...

PT-2022-24009 · Unknown · Go-Ethereum

Name of the Vulnerable Software and Affected Versions: Go Ethereum aka geth versions 1.10.21 and earlier Description: The issue allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain...

VulnCheck KEV: CVE-2022-37450

Go Ethereum aka geth through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making RUM, as exploited in the wild in 2020 through 2022...