EUVD-2026-20996
GHSA-hc36-c89j-5f4j
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
4Description
BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.3.1 to before 0.8.2, BSV::Wallet::WalletClient#acquire_certificate persists certificate records to storage without verifying the certifier's signature over the certificate contents. In acquisition_protocol: 'direct', the caller supplies all certificate fields (including signature:) and the record is written to storage verbatim. In acquisition_protocol: 'issuance', the client POSTs to a certifier URL and writes whatever signature the response body contains, also without verification. An attacker who can reach either API (or who controls a certifier endpoint targeted by the issuance path) can forge identity certificates that subsequently appear authentic to list_certificates and prove_certificate.
Analysis
Signature verification bypass in BSV Ruby SDK versions 0.3.1 through 0.8.1 allows authenticated attackers to forge blockchain identity certificates. The WalletClient#acquire_certificate method persists certificates without validating certifier signatures in both 'direct' acquisition (where attackers supply all fields including forged signatures) and 'issuance' protocols (where malicious certifier endpoints inject invalid signatures). …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all systems and applications using BSV Ruby SDK versions 0.3.1-0.8.1 and assess whether certificate forgery could impact business-critical processes. Within 7 days: Disable the WalletClient#acquire_certificate method or restrict it to highly trusted internal sources only; implement additional signature validation outside the SDK. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today