PatchSiren

nimiq CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH nimiq CVE published 2026-06-10

CVE-2026-46545

CVE-2026-46545 is a high-severity remote denial-of-service vulnerability in the Nimiq Proof-of-Stake protocol. A remote, unauthenticated attacker can exploit a vulnerability in MerkleRadixTrie::put_chunk to crash any node performing state synchronization. This issue was patched in version 1.5.0.

MEDIUM Nimiq CVE published 2026-06-10

CVE-2026-46543

CVE-2026-46543 is a vulnerability in Nimiq's Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. A remote peer can crash any full node by sending a RequestBatchSet message containing the genesis block's hash. The handler calls get_epoch_chunks which iterates backwards through macro blocks using Policy::macro_block_before. When it reaches the genesis block n [truncated]

MEDIUM nimiq CVE published 2026-06-10

CVE-2026-46542

CVE-2026-46542 is a MEDIUM severity vulnerability in the Nimiq Proof-of-Stake protocol implementation. The issue exists in the Ed25519 multisig delinearization code path, specifically in the `Ed25519PublicKey::delinearize()` function. This function calls `.unwrap()` on curve point decompression, which panics when a public key is constructed from 32 bytes that do not represent a valid point on the Ed25519 [truncated]

HIGH nimiq CVE published 2026-06-10

CVE-2026-46541

A vulnerability in the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, the DhtResults accumulator is only initialized when the first DHT record passes verification. If the first record fails (from a malicious DHT node), DhtResults is never created, and all subsequent valid records are discarded with 'DHT inconsistent state' errors. This issue has been patc [truncated]

MEDIUM nimiq CVE published 2026-06-10

CVE-2026-46540

CVE-2026-46540 is a MEDIUM severity vulnerability in the Nimiq Proof-of-Stake protocol implementation. The issue arises from the LightBlockchain::rebranch() function not correctly updating certain state variables when adopting a fork chain with a macro block (checkpoint or election) as its tip. Specifically, it fails to update self.macro_head, self.election_head, self.current_validators, and does not stor [truncated]

MEDIUM nimiq CVE published 2026-06-10

CVE-2026-46539

CVE-2026-46539 is a MEDIUM severity vulnerability in Nimiq's Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. A logic flaw in BlockInclusionProof::is_block_proven causes the function to return true without performing any cryptographic verification when get_interlink_hops yields an empty hop list. This occurs when the target block is at the election block [truncated]

MEDIUM nimiq CVE published 2026-06-10

CVE-2026-44505

A vulnerability was discovered in the Nimiq Proof-of-Stake protocol, specifically in the network-libp2p module. The handle_dht_get function in network-libp2p/src/swarm.rs did not properly handle verifier errors when a peer returns a FoundRecord. This can cause the oneshot used by Network::dht_get to hang indefinitely, leading to a denial-of-service (DoS) condition. The vulnerability has been patched in version 1.4.0.

MEDIUM nimiq CVE published 2026-05-20

CVE-2026-40094

CVE-2026-40094 is a denial-of-service issue in Nimiq's Rust implementation where network-libp2p discovery accepts signed PeerContact updates from untrusted peers and stores them in the peer contact book. Because a PeerContact can legally contain an empty addresses list and no intrinsic validation enforces a non-empty list, later address-book construction can panic when it reaches an "every peer should hav [truncated]

HIGH nimiq CVE published 2026-05-20

CVE-2026-40092

CVE-2026-40092 is a denial-of-service vulnerability in Nimiq’s Rust blockchain implementation. In affected versions, a remote peer can send a crafted Kademlia DHT record that causes a full node to panic during signature verification, crashing the process. The issue is fixed in v1.4.0.