Lucene search
K

3 matches found

OSV
OSV
added 2026/05/08 7:12 p.m.2 views

GHSA-H9HM-M2XJ-4RQ9 Zebra has Permanent Block Discovery Halt via Gossip Queue Saturation and Syncer Poisoning

Summary A composite denial-of-service vulnerability in Zebra's block discovery pipeline allows an unauthenticated remote attacker to permanently halt all new block discovery on a targeted node. The attack exploits three independent weaknesses in the gossip, syncer, and download subsystems — all...

8.7CVSS5.8AI score0.00351EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/08 7:12 p.m.10 views

Zebra has Permanent Block Discovery Halt via Gossip Queue Saturation and Syncer Poisoning

Summary A composite denial-of-service vulnerability in Zebra's block discovery pipeline allows an unauthenticated remote attacker to permanently halt all new block discovery on a targeted node. The attack exploits three independent weaknesses in the gossip, syncer, and download subsystems — all...

8.7CVSS5.8AI score0.00351EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/08 3:11 p.m.12 views

CVE-2026-44499 ZEBRA: Permanent Block Discovery Halt via Gossip Queue Saturation and Syncer Poisoning

ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, a composite denial-of-service vulnerability in Zebra's block discovery pipeline allows an unauthenticated remote attacker to permanently halt all new block discovery on a targeted node. The attack exploits three independent...

8.7CVSS5.8AI score0.00351EPSS
Exploits0References1
Rows per page
Query Builder