Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
Github GHSA |
GHSA-vghx-352f-93jm | nimiq-blockchain: Genesis batch set request |
Wed, 10 Jun 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 10 Jun 2026 02:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Nimiq
Nimiq core-rs-albatross |
|
| Vendors & Products |
Nimiq
Nimiq core-rs-albatross |
Wed, 10 Jun 2026 00:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote peer can crash any full node by sending a RequestBatchSet message containing the genesis block's hash. The handler calls get_epoch_chunks which iterates backwards through macro blocks using Policy::macro_block_before. When it reaches the genesis block number, macro_block_before panics with "No macro blocks before genesis block". This issue has been patched in version 1.5.0. | |
| Title | nimiq-blockchain: Genesis batch set request | |
| Weaknesses | CWE-617 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-06-10T16:32:15.916Z
Reserved: 2026-05-14T20:42:31.368Z
Link: CVE-2026-46543
Updated: 2026-06-10T16:11:32.988Z
Status : Deferred
Published: 2026-06-10T00:16:54.630
Modified: 2026-06-10T19:37:41.437
Link: CVE-2026-46543
No data.
OpenCVE Enrichment
Updated: 2026-06-10T02:15:19Z
Github GHSA