Skip to main content

zebrad CVE-2026-52738

MEDIUM
Uncaught Exception (CWE-248)
2026-07-02 https://github.com/ZcashFoundation/zebra GHSA-w834-cf6p-9m9w
Share

Severity by source

vuln.today AI
5.9 MEDIUM

AV:N because the attack is delivered via a broadcast Zcash block; AC:H because exploitation requires both mining hardware and ~1,100-2,100 ZEC capital; PR:N at the network layer; availability-only impact with no confidentiality or integrity effect.

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
4.0 AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H

Estimated by vuln.today — no official severity rating has been published for this CVE yet.

Lifecycle Timeline

1
Analysis Generated
Jul 02, 2026 - 20:40 vuln.today

DescriptionCVE.org

Am I affected

You are affected if:

  1. You run zebrad up to and including v4.4.1.
  2. Your node processes blocks on any Zcash network.

Summary

The finalized transparent address balance writer processes all newly-created outputs (credits) before processing spent outputs (debits) within the same block. A consensus-valid block containing a long chain of same-address transparent self-spends can cause the intermediate per-address balance during the credit pass to exceed MAX_MONEY, triggering a panic in the finalized state writer.

Because the triggering block is consensus-valid (zcashd accepts it), the panic recurs on restart when the node re-encounters the same block. This creates a persistent chain halt that can only be resolved by a software patch.

Details

The finalized state writer at zebra-state/src/service/finalized_state/zebra_db/transparent.rs iterates all transaction outputs in a block and credits them to per-address balances before iterating inputs and debiting spent outputs. When a block contains many transparent self-spends to the same address, the intermediate credit-only balance can exceed the MAX_MONEY supply cap even though the final net balance (credits minus debits) is valid.

The code panics on the intermediate overflow via .expect() on the balance addition. Under Zebra's panic = "abort" release profile, this terminates the process. On restart, the node re-downloads and re-processes the same consensus-valid block, triggering the same panic.

An attacker with approximately 1,100-2,100 ZEC and mining capability can construct a block that permanently halts all Zebra nodes. The attacker recovers their capital (the self-spends return funds to the same address), so the net cost is the mining effort only.

Patches

Patched in Zebra 4.4.2. The fix processes credits and debits together per transaction rather than all credits then all debits, matching zcashd's approach.

Workarounds

No workaround is available. Upgrade to Zebra 4.4.2.

Impact

A single consensus-valid mined block can permanently halt all Zebra nodes on the network. The halt persists across restarts. Recovery requires deploying a patched version. Downstream consumers (light wallets, exchanges, mining infrastructure) lose service for the duration of the halt.

Credit

Reported by @sangsoo-osec.

AnalysisAI

Persistent denial-of-service in zebrad (Zcash Foundation's Zcash node) up to and including v4.4.1 allows an attacker with mining capability and approximately 1,100-2,100 ZEC to permanently halt all Zebra nodes on the network by mining a single consensus-valid block. The block exploits a credit-before-debit processing order in the finalized transparent state writer, causing an intermediate per-address balance to overflow the MAX_MONEY cap and trigger a Rust panic-abort. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Acquire ~1,100-2,100 ZEC stake
Delivery
Construct transparent same-address self-spend transaction chain
Exploit
Mine consensus-valid Zcash block containing chain
Install
Broadcast block to Zcash P2P network
C2
Zebrad credits all outputs before debiting inputs
Execute
Intermediate address balance overflows MAX_MONEY cap
Impact
Panic-abort terminates all Zebra nodes permanently

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to possess mining capability sufficient to produce a valid Zcash block and approximately 1,100-2,100 ZEC, which is used in transparent self-spend transactions and recovered after the attack. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment No CVSS vector or score was provided by NVD or the vendor advisory, so all metric assessments are independently derived. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker holding approximately 1,100-2,100 ZEC constructs a Zcash block containing a long chain of transparent self-spend transactions, all crediting the same address, and mines the block to satisfy Zcash consensus rules. The attacker broadcasts the block to the Zcash network; every zebrad node ≤4.4.1 processes the block's credits first, causing the intermediate per-address balance to overflow MAX_MONEY, triggering a panic-abort. …
Remediation Upgrade to Zebra 4.4.2, the vendor-confirmed patched release. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-52738 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy