Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

nimiq — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting nimiq. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by nimiq:core-rs-albatrossnetwork-libp2pnimiq-transactionnimiq-blocknimiq-primitivesnimiq-accountnimiq-blockchain
CVE IDTitleCVSSSeverityPublished
CVE-2026-34068 nimiq-transaction: UpdateValidator transactions allows voting key change without proof-of-knowledge — nimiq-transactionCWE-347 6.8 Medium2026-04-22
CVE-2026-34067 nimiq-transaction vulnerable to panic via `HistoryTreeProof` length mismatch — nimiq-transactionCWE-617 3.1 Low2026-04-22
CVE-2026-34066 nimiq-blockchain: Peer-triggerable panic during history sync — nimiq-blockchainCWE-20 5.3 Medium2026-04-22
CVE-2026-34065 nimiq-primitives: Node crash due to missing interlink validation in election macro block proposals — nimiq-primitivesCWE-252 7.5 High2026-04-22
CVE-2026-34064 nimiq-account: Vesting insufficient funds error can panic — nimiq-accountCWE-191 5.3 Medium2026-04-22
CVE-2026-34063 network-libp2p: Peer can crash the node by opening discovery protocol substream twice — network-libp2pCWE-617 7.5 High2026-04-22
CVE-2026-34062 Nimiq has Allocation of Resources Without Limits or Throttling in its libp2p request/response — network-libp2pCWE-770 5.3 Medium2026-04-22
CVE-2026-33471 nimiq-block has skip block quorum bypass via out-of-range BitSet indices & u16 truncation — nimiq-blockCWE-20 9.6 Critical2026-04-22
CVE-2026-34069 nimiq-consensus panics via RequestMacroChain micro-block locator — core-rs-albatrossCWE-617 5.3 Medium2026-04-13
CVE-2026-32605 Nimiq: Remote crash via off-by-one signer bounds check in proposal buffer — core-rs-albatrossCWE-125 7.5 High2026-04-13
CVE-2026-40093 nimiq-blockchain is missing a wall-clock upper bound on block timestamps — core-rs-albatrossCWE-1284 8.1 High2026-04-09
CVE-2026-35468 nimiq/core-rs-albatross: Panic in history index request handlers when a full node runs without the history index — core-rs-albatrossCWE-252 5.3 Medium2026-04-03
CVE-2026-33184 nimiq/core-rs-albatross: Discovery handshake limit could underflow and later provoke a deterministic overflow panic — core-rs-albatrossCWE-191 7.5 High2026-04-03
CVE-2026-34061 nimiq/core-rs-albatross: Macro block proposal interlink bug — core-rs-albatrossCWE-345 4.9 Medium2026-04-03
CVE-2026-28402 nimiq/core-rs-albatross's nimiq-blockchain missing proposal body root verification — core-rs-albatrossCWE-354 7.1 High2026-02-27
CVE-2025-47270 nimiq-network-libp2p Uncontrolled Resource Consumption vulnerability — core-rs-albatrossCWE-400 7.5 High2025-05-12

This page lists every published CVE security advisory associated with nimiq. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.