What is the CVSS score of CVE-2026-40092?

CVE-2026-40092 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.1%.

Which versions of Nimiq are affected by CVE-2026-40092?

CVE-2026-40092 is a remote denial-of-service vulnerability affecting Nimiq full nodes that allows unauthenticated attackers to crash network nodes by sending malformed DHT records.. A patch is available.

Nimiq CVE-2026-40092

EUVD-2026-31197 HIGH

Unchecked Return Value (CWE-252)

2026-05-15 https://github.com/nimiq/core-rs-albatross

GHSA-27w2-87xv-37c6

Denial Of Service

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Source Code Evidence Fetched

May 15, 2026 - 17:16 vuln.today

Analysis Generated

May 15, 2026 - 17:16 vuln.today

Blast Radius

ecosystem impact

† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth

19 cargo packages depend on nimiq-keys (15 direct, 4 indirect)

Ecosystem-wide dependent count for version 0.2.0.

DescriptionNVD

Impact

A malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record containing a TaggedSigned<ValidatorRecord, KeyPair> with a signature field whose byte length is not exactly 64. When the victim node's DHT verifier calls TaggedSigned::verify, execution reaches Ed25519Signature::from_bytes(sig).unwrap() in the TaggedPublicKey implementation for Ed25519PublicKey. The from_bytes call fails because ed25519_zebra::Signature::try_from rejects slices not 64 bytes, and the unwrap() panics. The BLS TaggedPublicKey implementation correctly returns false on error; only the Ed25519 implementation panics.

Patches

The patch for this vulnerability is formally released as part of v1.4.0.

Workarounds

No known workarounds.

Resources

See PR.

AnalysisAI

Remote denial-of-service vulnerability in Nimiq full nodes allows unauthenticated attackers to crash nodes by publishing malformed Kademlia DHT records with incorrect Ed25519 signature lengths. The vulnerability triggers a panic in the Ed25519 signature verification code when processing DHT records with signatures not exactly 64 bytes. …

RemediationAI

Within 24 hours: inventory all Nimiq full node deployments and document current versions. Within 7 days: apply vendor-released patch v1.4.0 to all affected nodes, beginning with non-critical infrastructure to validate stability. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-40092 vulnerability details – vuln.today

Back

Nimiq CVE-2026-40092

CVSS VectorNVD

Lifecycle Timeline

Blast Radius

DescriptionNVD

Impact

Patches

Workarounds

Resources

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code