Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.11 views

CVE-2026-44500

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.4.0, prior to zebra-chain version 7.0.0, and prior to zebra-network version 6.0.0, several inbound deserialization paths in Zebra allocated buffers sized against generic transport or block-size ceilings before the tighter...

5.3CVSS5.5AI score0.00362EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.10 views

CVE-2026-41584

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-chain version 6.0.2, Orchard transactions contain a rk field which is a randomized validating key and also an elliptic curve point. The Zcash specification allows the field to be the identity a "zero"...

9.2CVSS5.3AI score0.00268EPSS
Exploits0References1
NVD
NVD
added 2026/05/08 3:17 p.m.10 views

CVE-2026-44500

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.4.0, prior to zebra-chain version 7.0.0, and prior to zebra-network version 6.0.0, several inbound deserialization paths in Zebra allocated buffers sized against generic transport or block-size ceilings before the tighter...

5.3CVSS0.00362EPSS
Exploits1References1
CVE
CVE
added 2026/05/08 3:10 p.m.29 views

CVE-2026-44500

ZCV-64500: Allocation amplification in Zebra inbound deserializers affects Zebra nodes prior to 4.4.0 across zebrad, zebra-chain, and zebra-network. Inbound messages (headers, blocks, transactions) could be deserialized using generic transport or block-size ceilings, causing unauthenticated/post-...

5.3CVSS5.8AI score0.00362EPSS
Exploits1References1Affected Software3
Cvelist
Cvelist
added 2026/05/08 3:5 p.m.32 views

CVE-2026-41584 ZEBRA: rk Identity Point Panic in Transaction Verification

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-chain version 6.0.2, Orchard transactions contain a rk field which is a randomized validating key and also an elliptic curve point. The Zcash specification allows the field to be the identity a "zero"...

9.2CVSS0.00268EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/08 3:5 p.m.14 views

CVE-2026-41584 ZEBRA: rk Identity Point Panic in Transaction Verification

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-chain version 6.0.2, Orchard transactions contain a rk field which is a randomized validating key and also an elliptic curve point. The Zcash specification allows the field to be the identity a "zero"...

9.2CVSS5.7AI score0.00268EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/08 3:5 p.m.8 views

EUVD-2026-28654

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-chain version 6.0.2, Orchard transactions contain a rk field which is a randomized validating key and also an elliptic curve point. The Zcash specification allows the field to be the identity a "zero"...

9.2CVSS5.7AI score0.00268EPSS
Exploits0References1
CVE
CVE
added 2026/05/08 3:5 p.m.18 views

CVE-2026-41584

ZEBRA (the Zebra node implementation for Zcash) is affected by CVE-2026-41584 due to the rk field in Orchard transactions. Prior to zebrad 4.3.1 and zebra-chain 6.0.2, an identity value for rk (the randomized validating key and elliptic-curve point) could trigger a panic in the orchard crate used...

9.2CVSS5.7AI score0.00268EPSS
Exploits0References1Affected Software2
RedhatCVE
RedhatCVE
added 2026/04/01 5:3 p.m.4 views

CVE-2026-34202

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-chain version 6.0.1, a vulnerability in Zebra's transaction processing logic allows a remote, unauthenticated attacker to cause a Zebra node to panic crash. This is triggered by sending a specially crafted V5...

9.2CVSS5.8AI score0.00725EPSS
Exploits0References1
NVD
NVD
added 2026/03/31 3:16 p.m.5 views

CVE-2026-34202

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-chain version 6.0.1, a vulnerability in Zebra's transaction processing logic allows a remote, unauthenticated attacker to cause a Zebra node to panic crash. This is triggered by sending a specially crafted V5...

9.2CVSS0.00725EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/31 2:2 p.m.7 views

CVE-2026-34202

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-chain version 6.0.1, a vulnerability in Zebra's transaction processing logic allows a remote, unauthenticated attacker to cause a Zebra node to panic crash. This is triggered by sending a specially crafted V5...

9.2CVSS5.8AI score0.00725EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2026/03/31 2:2 p.m.23 views

CVE-2026-34202

ZEBRA (Zcash node) has a vulnerability in its transaction processing logic that can crash a remote, unauthenticated Zebra node by sending a crafted V5 transaction. The issue affects zebrad before version 4.3.0 and zebra-chain before 6.0.1, where transaction ID calculation can panic after successf...

9.2CVSS5.8AI score0.00725EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder