583 matches found
CVE-2026-34377
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-consensus version 5.0.1, a logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By matching a valid transaction's txid while providing invalid...
CVE-2026-34377
ZEBRA (Zcash node, Zebra) contains a consensus-failure vulnerability in its handling of V5 transactions. Before zebrad v4.3.0 and zebra-consensus v5.0.1, a logic error in the transaction verification cache could let a malicious miner craft a block with an invalid authorization data set but a matc...
CVE-2026-34377 Zebra has a Consensus Failure due to Improper Verification of V5 Transactions
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-consensus version 5.0.1, a logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By matching a valid transaction's txid while providing invalid...
CVE-2026-34202 Zebra node crash — V5 transaction hash panic (P2P reachable)
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-chain version 6.0.1, a vulnerability in Zebra's transaction processing logic allows a remote, unauthenticated attacker to cause a Zebra node to panic crash. This is triggered by sending a specially crafted V5...
CVE-2026-34202 Zebra node crash — V5 transaction hash panic (P2P reachable)
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-chain version 6.0.1, a vulnerability in Zebra's transaction processing logic allows a remote, unauthenticated attacker to cause a Zebra node to panic crash. This is triggered by sending a specially crafted V5...
CVE-2026-34202
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-chain version 6.0.1, a vulnerability in Zebra's transaction processing logic allows a remote, unauthenticated attacker to cause a Zebra node to panic crash. This is triggered by sending a specially crafted V5...
CVE-2026-34202 Zebra node crash — V5 transaction hash panic (P2P reachable)
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-chain version 6.0.1, a vulnerability in Zebra's transaction processing logic allows a remote, unauthenticated attacker to cause a Zebra node to panic crash. This is triggered by sending a specially crafted V5...
CVE-2026-34202
ZEBRA (Zcash node) has a vulnerability in its transaction processing logic that can crash a remote, unauthenticated Zebra node by sending a crafted V5 transaction. The issue affects zebrad before version 4.3.0 and zebra-chain before 6.0.1, where transaction ID calculation can panic after successf...
zebra 数据伪造问题漏洞
Zebra is an open-source implementation of Zcash full node written in Rust by the Zcash Foundation. Zebra has a vulnerability related to data forgery, which stems from logical errors in the transaction verification cache. This vulnerability could allow malicious miners to manipulate consensus...
zebra 安全漏洞
Zebra is an open-source Zcash implementation built using Rust by the Zcash Foundation. There is a security vulnerability in Zebra, which stems from vulnerabilities in the transaction processing logic of Zebra. This vulnerability could allow remote, unauthenticated attackers to cause Zebra nodes t...
GHSA-3VMH-33XR-9CQH Zebra has a Consensus Failure due to Improper Verification of V5 Transactions
--- CVE-2026-34377: Consensus Failure via Crafted V5 Authorization Data Summary A logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By matching a valid transaction's txid while providing invalid authorization data, a miner could cause...
PT-2026-29168
--- CVE-2026-34377: Consensus Failure via Crafted V5 Authorization Data Summary A logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By matching a valid transaction's txid while providing invalid authorization data, a miner could cause...
GHSA-QP6F-W4R3-H8WG Zebra node crash — V5 transaction hash panic (P2P reachable)
--- Remote Denial of Service via Crafted V5 Transactions Summary A vulnerability in Zebra's transaction processing logic allows a remote, unauthenticated attacker to cause a Zebra node to panic crash. This is triggered by sending a specially crafted V5 transaction that passes initial...
PT-2026-28604
Name of the Vulnerable Software and Affected Versions Zebra versions prior to 4.3.0 Description A flaw exists in Zebra’s transaction processing logic that allows a remote, unauthenticated attacker to cause a Zebra node to crash. This is triggered by sending a specially crafted V5 transaction that...
EUVD-2025-117230
Malicious code in middle-gold-zebra npm...
EUVD-2025-100753
Malicious code in chosenzebraz3n npm...
EUVD-2025-100140
Malicious code in dangerouszebraz3n npm...
EUVD-2025-99299
Malicious code in eligiblezebraz3n npm...
EUVD-2025-102680
Malicious code in reliablezebraz3n npm...
EUVD-2025-101255
Malicious code in undergroundzebraz3n npm...