Security Advisories · nimiq/core-rs-albatross · GitHub

Security Advisories

View information about security vulnerabilities from this repository's maintainers.

Untrusted peer can wedge DHT
GHSA-g39c-jcgg-qwvr published May 15, 2026 by jsdanielh

Moderate
Panic in history index request handlers when a full node runs without the history index
GHSA-xr78-2jhh-9wf9 published Apr 2, 2026 by jsdanielh

Moderate
Macro block proposal interlink bug
GHSA-gr83-j5f8-p2r5 published Apr 2, 2026 by jsdanielh

Moderate
Request/Response inbound failure retains stale `response_channels` state after attacker-controlled failed requests
GHSA-w5f8-87h2-m573 published Apr 2, 2026 by jsdanielh

Low
Discovery handshake limit could underflow and later provoke a deterministic overflow panic
GHSA-5rm9-893q-vmhm published Apr 2, 2026 by jsdanielh

High
nimiq-libp2p request/response codec reads entire stream before size validation
GHSA-gh7r-qh4p-q4fr published Apr 22, 2026 by jsdanielh

Moderate
Peer can crash the node by opening discovery protocol substream twice
GHSA-74hp-mhfx-m45h published Apr 22, 2026 by jsdanielh

High
skip block quorum bypass via out-of-range BitSet indices + u16 truncation
GHSA-6973-8887-87ff published Apr 22, 2026 by jsdanielh

Critical
Vesting insufficient funds error can panic
GHSA-vc34-39q2-m6q3 published Apr 22, 2026 by jsdanielh

Moderate
Peer-triggerable crash via invalid election macro validators voting key hashing announced macro blocks
GHSA-7c4j-2m43-2mgh published Apr 22, 2026 by jsdanielh

High

⚡