14 matches found
CVE-2026-44498
ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit MAXBLOCKSIGOPS, allowing it to accept blocks that zcashd rejects with bad-blk-sigops. A miner who produces such a block...
CVE-2026-44498
ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit MAXBLOCKSIGOPS, allowing it to accept blocks that zcashd rejects with bad-blk-sigops. A miner who produces such a block...
CVE-2026-44498 ZEBRA: Block Validator Undercounts Coinbase and P2SH Sigops
ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit MAXBLOCKSIGOPS, allowing it to accept blocks that zcashd rejects with bad-blk-sigops. A miner who produces such a block...
CVE-2026-44498
CVE-2026-44498 affects ZEBRA (Zcash node written in Rust). Prior to version 4.4.0, Zebra’s block validator undercounted sigops, specifically: (A) Coinbase legacy sigops were not charged, hiding up to ~98 sigops, and (B) P2SH sigops were not accumulated during block validation. This caused blocks ...
CVE-2024-52912
Bitcoin Core before 0.21.0 allows a network split that is resultant from an integer overflow calculating the time offset for newly connecting peers and an abs64 logic bug...
GHSA-M9C9-MC2H-9WJW Lodestar snappy checksum issue
Impact Unintended permanent chain split affecting greater than or equal to 25% of the network, requiring hard fork network partition requiring hard fork Lodestar does not verify checksum in snappy framing uncompressed chunks. Vulnerability Details In Req/Resp protocol the messages are encoded by...
CVE-2024-52912
Bitcoin Core before 0.21.0 allows a network split that is resultant from an integer overflow calculating the time offset for newly connecting peers and an abs64 logic bug...
CVE-2024-52912
Bitcoin Core before 0.21.0 allows a network split that is resultant from an integer overflow calculating the time offset for newly connecting peers and an abs64 logic bug...
CVE-2024-52912
Bitcoin Core before 0.21.0 allows a network split that is resultant from an integer overflow calculating the time offset for newly connecting peers and an abs64 logic bug...
CVE-2024-52912
Bitcoin Core before 0.21.0 allows a network split that is resultant from an integer overflow calculating the time offset for newly connecting peers and an abs64 logic bug...
CVE-2024-52912
Bitcoin Core before 0.21.0 is affected. The issue stems from an integer overflow when calculating the time offset for newly connecting peers, combined with an abs64 logic bug, which can cause a network split. Red Hat, NVD, OSV, CIRCL and other feeds corroborate that prior to 0.21.0, this vulnerab...
PT-2024-35480 · Unknown · Bitcoin Core
Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions prior to 0.21.0 Description: The issue arises from an integer overflow when calculating the time offset for newly connecting peers, combined with an abs64 logic bug. This can lead to a network split. Recommendations: For...
PT-2024-40018 · Ckb · Ckb
Name of the Vulnerable Software and Affected Versions: Ckb versions prior to 0.35.2 Ckb versions prior to 0.36.1 Ckb versions prior to 0.37.1 Ckb versions prior to 0.38.2 Description: The issue causes faulty nodes to reject transactions that call the load cell data syscall when the input cell is...
Nervos CKB BlockTimeTooNew should not be considered as invalid block
Impact Currently, when a node receives a block in future according to its local wall clock, it will mark the block as invalid and ban the peer. If the header's timestamp is more than 15 seconds ahead of our current time. In that case, the header may become valid in the future, and we don't want t...