zebrad CVE-2026-52738
MEDIUMSeverity by source
AV:N because the attack is delivered via a broadcast Zcash block; AC:H because exploitation requires both mining hardware and ~1,100-2,100 ZEC capital; PR:N at the network layer; availability-only impact with no confidentiality or integrity effect.
Estimated by vuln.today — no official severity rating has been published for this CVE yet.
Lifecycle Timeline
1DescriptionCVE.org
Am I affected
You are affected if:
- You run
zebradup to and includingv4.4.1. - Your node processes blocks on any Zcash network.
Summary
The finalized transparent address balance writer processes all newly-created outputs (credits) before processing spent outputs (debits) within the same block. A consensus-valid block containing a long chain of same-address transparent self-spends can cause the intermediate per-address balance during the credit pass to exceed MAX_MONEY, triggering a panic in the finalized state writer.
Because the triggering block is consensus-valid (zcashd accepts it), the panic recurs on restart when the node re-encounters the same block. This creates a persistent chain halt that can only be resolved by a software patch.
Details
The finalized state writer at zebra-state/src/service/finalized_state/zebra_db/transparent.rs iterates all transaction outputs in a block and credits them to per-address balances before iterating inputs and debiting spent outputs. When a block contains many transparent self-spends to the same address, the intermediate credit-only balance can exceed the MAX_MONEY supply cap even though the final net balance (credits minus debits) is valid.
The code panics on the intermediate overflow via .expect() on the balance addition. Under Zebra's panic = "abort" release profile, this terminates the process. On restart, the node re-downloads and re-processes the same consensus-valid block, triggering the same panic.
An attacker with approximately 1,100-2,100 ZEC and mining capability can construct a block that permanently halts all Zebra nodes. The attacker recovers their capital (the self-spends return funds to the same address), so the net cost is the mining effort only.
Patches
Patched in Zebra 4.4.2. The fix processes credits and debits together per transaction rather than all credits then all debits, matching zcashd's approach.
Workarounds
No workaround is available. Upgrade to Zebra 4.4.2.
Impact
A single consensus-valid mined block can permanently halt all Zebra nodes on the network. The halt persists across restarts. Recovery requires deploying a patched version. Downstream consumers (light wallets, exchanges, mining infrastructure) lose service for the duration of the halt.
Credit
Reported by @sangsoo-osec.
AnalysisAI
Persistent denial-of-service in zebrad (Zcash Foundation's Zcash node) up to and including v4.4.1 allows an attacker with mining capability and approximately 1,100-2,100 ZEC to permanently halt all Zebra nodes on the network by mining a single consensus-valid block. The block exploits a credit-before-debit processing order in the finalized transparent state writer, causing an intermediate per-address balance to overflow the MAX_MONEY cap and trigger a Rust panic-abort. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to possess mining capability sufficient to produce a valid Zcash block and approximately 1,100-2,100 ZEC, which is used in transparent self-spend transactions and recovered after the attack. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | No CVSS vector or score was provided by NVD or the vendor advisory, so all metric assessments are independently derived. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker holding approximately 1,100-2,100 ZEC constructs a Zcash block containing a long chain of transparent self-spend transactions, all crediting the same address, and mines the block to satisfy Zcash consensus rules. The attacker broadcasts the block to the Zcash network; every zebrad node ≤4.4.1 processes the block's credits first, causing the intermediate per-address balance to overflow MAX_MONEY, triggering a panic-abort. … |
| Remediation | Upgrade to Zebra 4.4.2, the vendor-confirmed patched release. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-248 – Uncaught Exception
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-w834-cf6p-9m9w