
Core EUVD-2025-208891

CVE-2025-46597 HIGH
Integer Overflow or Wraparound (CWE-190)
2026-03-20 mitre
CVSS 3.1: 7.5

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline

EUVD ID Assigned: Mar 20, 2026 - 15:52 (euvd), EUVD-2025-208891
Analysis Generated: Mar 20, 2026 - 15:52 (vuln.today)
CVE Published: Mar 20, 2026 - 00:00 (nvd), HIGH 7.5

Description (NVD)

Bitcoin Core 0.13.0 through 29.x has an integer overflow.

Analysis (AI)

Bitcoin Core versions 0.13.0 through 29.x contain an integer overflow vulnerability that could allow attackers to trigger unexpected behavior or crashes in affected nodes. This vulnerability affects a wide range of Bitcoin Core deployments spanning multiple major versions. While specific exploitation details remain limited due to the disclosure date and incomplete CVSS scoring, the integer overflow classification suggests potential for denial of service or memory corruption under specific conditions.

Technical Context (AI)

Bitcoin Core is the reference implementation of the Bitcoin protocol, handling consensus rules, transaction validation, and peer-to-peer networking. The vulnerability is classified as an integer overflow (with buffer overflow tags noted), which typically occurs in C/C++ code when arithmetic operations exceed data type boundaries without proper bounds checking. Integer overflows in Bitcoin Core could affect critical subsystems such as transaction processing, block validation, script execution, or memory management. The affected version range (0.13.0 through 29.x) represents approximately 8 years of releases, suggesting the flaw may have existed in foundational code or was introduced during a specific development period. The root cause class relates to improper input validation or arithmetic boundary handling.

Remediation (AI)

Operators should immediately upgrade to the patched version of Bitcoin Core as specified in the official security advisory at https://bitcoincore.org/en/2025/10/24/disclose-cve-2025-46597/. Check the Bitcoin Core releases page (https://github.com/bitcoin/bitcoin/releases) for the specific patched version and download instructions. Organizations unable to patch immediately should implement network segmentation to limit exposure of vulnerable nodes to untrusted peers, disable RPC interfaces that are not required, and monitor logs for unusual behavior indicative of exploitation attempts. Consider running multiple Bitcoin Core instances with version diversity to reduce the impact of any single vulnerability. Exchanges and custodians handling high-value transactions should prioritize patching given the potential for consensus failures or transaction handling errors triggered by exploited integer overflows.
