Skip to main content

Core Rs Albatross CVE-2026-35468

MEDIUM
Unchecked Return Value (CWE-252)
2026-04-03 GitHub_M
5.3
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

2
Analysis Generated
Apr 03, 2026 - 23:15 vuln.today
CVE Published
Apr 03, 2026 - 22:10 nvd
MEDIUM 5.3

DescriptionGitHub Advisory

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers assume that the history index is always available and call blockchain.history_store.history_index().unwrap() directly. That assumption is false by construction. HistoryStoreProxy::history_index() explicitly returns None for the valid HistoryStoreProxy::WithoutIndex state. when a full node is syncing or otherwise running without the history index, a remote peer can send RequestTransactionsProof or RequestTransactionReceiptsByAddress and trigger an Option::unwrap() panic on the request path. This issue has been patched in version 1.3.0.

AnalysisAI

Denial of service in Nimiq Core RS Albatross prior to version 1.3.0 allows remote attackers to crash full nodes by sending specially crafted consensus requests (RequestTransactionsProof or RequestTransactionReceiptsByAddress) when the node is operating without a history index. The vulnerability stems from unsafe unwrap() calls that panic when encountering a valid but unindexed state, affecting nodes during synchronization or when intentionally configured without history indexing.

Technical ContextAI

Nimiq Core RS Albatross is a Rust implementation of the Nimiq Proof-of-Stake blockchain protocol using the Albatross consensus algorithm. The vulnerability exists in two peer-facing consensus request handlers that invoke blockchain.history_store.history_index().unwrap() without first validating whether the history index is available. The HistoryStoreProxy enum explicitly defines a WithoutIndex state that returns None from history_index(), a valid operational configuration for nodes syncing or running with reduced resources. The root cause is CWE-252 (Unchecked Return Value), where the code assumes a successful return without handling the None variant. This panic-based denial of service occurs at the network protocol layer when remote peers interact with the node's request handling mechanism.

RemediationAI

Upgrade Nimiq Core RS Albatross to version 1.3.0 or later. The vendor-released patch version 1.3.0 resolves the unsafe unwrap() calls by properly handling the None case when the history index is unavailable. Node operators should prioritize this upgrade, particularly those running nodes in sync mode or with intentionally disabled history indexing. The fix is available via the official Nimiq GitHub repository at https://github.com/nimiq/core-rs-albatross/releases/tag/v1.3.0 and the upstream commit at https://github.com/nimiq/core-rs-albatross/commit/0e5c90a6c75b722f3d6091769776a4040e694dba.

Share

CVE-2026-35468 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy