LOW
Zcash
CVE published 2026-04-05
CVE-2026-35679
A vulnerability in Zcash zcashd versions prior to 6.12.0 allowed invalid transactions to be accepted under certain conditions, potentially enabling the draining of user funds from the Sprout pool. The root cause was incomplete verification of Sprout proofs in specific scenarios. The issue was resolved in version 6.12.0. The CVSS 3.1 score of 3.5 (Low severity) reflects the attack complexity requirements a [truncated]