cometbft — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in cometbft, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-24371	Malicious peer can make node stuck in blocksync in github.com/cometbft/cometbft CWE-703	5.3	-	2025-02-03
CVE-2023-34450	CometBFT PeerState JSON serialization deadlock CWE-401	3.7	Low	2023-07-03
CVE-2023-34451	CometBFT may duplicate transactions in the mempool's data structures CWE-401	8.2	High	2023-07-03

All 3 known CVE vulnerabilities affecting cometbft with full Chinese analysis, references, and POCs where available.