PatchSiren cyber security CVE debrief
CVE-2026-44714 bitcoinj CVE debrief
A signature verification bypass in bitcoinj versions prior to 0.17.1 allows attackers to satisfy local transaction validation for arbitrary P2PKH and P2WPKH outputs using any valid keypair, without proving ownership of the committed public key hash. The vulnerability exists in ScriptExecution.correctlySpends() where fast-path verification branches for standard P2PKH and native P2WPKH spends verify the attacker-controlled signature/public-key pair but fail to verify that the public key matches the hash committed in the output being spent. This represents a critical integrity failure in Bitcoin transaction validation logic. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) indicates network-accessible, low-complexity attacks with no privileges required, resulting in high impact to integrity with no confidentiality or availability impact. The weakness is classified as CWE-347 (Improper Verification of Cryptographic Signature). The vulnerability was disclosed on 2026-05-15 and last modified on 2026-05-18. No known exploitation in ransomware campaigns has been documented, and the vulnerability is not listed in CISA KEV.
- Vendor
- bitcoinj
- Product
- Unknown
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-05-15
- Original CVE updated
- 2026-05-18
- Advisory published
- 2026-05-15
- Advisory updated
- 2026-05-18
Who should care
Organizations and developers using bitcoinj for Bitcoin transaction validation, wallet implementations, or blockchain analysis tools. Cryptocurrency exchanges, payment processors, and financial institutions relying on bitcoinj for transaction verification. Developers building Bitcoin applications in Java or JVM languages where bitcoinj serves as the protocol implementation layer.
Technical summary
The bitcoinj library's ScriptExecution.correctlySpends() method contains two related verification bypass vulnerabilities in its fast-path handling of standard P2PKH (Pay-to-Public-Key-Hash) and native P2WPKH (Pay-to-Witness-Public-Key-Hash) transaction types. In both code branches, the implementation correctly verifies that a provided signature is valid for a given public key, but critically fails to verify that this public key hashes to the value committed in the transaction output being spent. This cryptographic verification gap means any attacker with a valid secp256k1 keypair can generate signatures that pass bitcoinj's local validation for arbitrary P2PKH and P2WPKH outputs, regardless of whether they control the actual funds. The vulnerability affects all bitcoinj versions prior to 0.17.1 and represents a fundamental break in the chain of custody verification required for secure Bitcoin transaction processing.
Defensive priority
critical
Recommended defensive actions
- Upgrade bitcoinj to version 0.17.1 or later to remediate the signature verification bypass in ScriptExecution.correctlySpends().
- Review any applications using bitcoinj for transaction validation to identify potentially accepted invalid transactions prior to patching.
- Audit transaction logs for P2PKH and P2WPKH spends that may have been incorrectly validated during the vulnerable period.
- Implement additional validation layers for critical Bitcoin transaction operations until patching is complete.
- Monitor for anomalous transaction acceptance patterns in systems relying on bitcoinj for local verification.
Evidence notes
Vulnerability description and fix version derived from official CVE record and GitHub Security Advisory. Technical details of the verification bypass confirmed through commit references showing remediation in ScriptExecution.java. CVSS vector and CWE classification sourced from NVD metadata.
Official resources
2026-05-15T17:16:47.933Z