Skip to main content

nimiq-primitives EUVDEUVD-2026-25062

| CVE-2026-34065 HIGH
Unchecked Return Value (CWE-252)
2026-04-22 https://github.com/nimiq/core-rs-albatross GHSA-7c4j-2m43-2mgh
7.5
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

6
Re-analysis Queued
Apr 24, 2026 - 17:22 vuln.today
cvss_changed
Analysis Generated
Apr 23, 2026 - 06:51 vuln.today
EUVD ID Assigned
Apr 22, 2026 - 19:31 euvd
EUVD-2026-25062
Analysis Generated
Apr 22, 2026 - 19:31 vuln.today
Patch released
Apr 22, 2026 - 19:31 nvd
Patch available
CVE Published
Apr 22, 2026 - 19:19 nvd
HIGH 7.5

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 17 cargo packages depend on nimiq-primitives (11 direct, 6 indirect)

Ecosystem-wide dependent count for version 0.2.0.

DescriptionGitHub Advisory

Impact

An untrusted p2p peer can cause a node to panic by announcing an election macro block whose validators set contains an invalid compressed BLS voting key.

Hashing an election macro header hashes validators and reaches Validators::voting_keys(), which calls validator.voting_key.uncompress().unwrap() and panics on invalid bytes.

Patches

The patch for this vulnerability is included as part of v1.3.0.

Workarounds

No known workarounds.

AnalysisAI

Denial of service in nimiq-primitives (Nimiq blockchain core library) allows remote unauthenticated attackers to crash nodes via malformed peer-to-peer messages. Attackers announce election macro blocks containing invalid compressed BLS voting keys, triggering an unwrap() panic during header hash validation. Affects all versions prior to 1.3.0. CVSS 7.5 (High) with network attack vector and no complexity. No public exploit identified at time of analysis, but attack is trivial to execute given the network-accessible attack surface and lack of authentication requirements.

Technical ContextAI

This vulnerability affects nimiq-primitives, a Rust crate that implements core primitives for the Nimiq Albatross blockchain's peer-to-peer consensus protocol. Election macro blocks are critical consensus messages that define validator sets for proof-of-stake consensus. The vulnerability stems from CWE-252 (Unchecked Return Value) in the Validators::voting_keys() function, which calls uncompress().unwrap() on BLS (Boneh-Lynn-Shacham) compressed public keys without validating the compressed key bytes first. BLS signatures are used in blockchain consensus for validator voting. When a malicious peer announces an election macro block, the receiving node attempts to hash the block header, which involves deserializing the validators set. Invalid compressed BLS key bytes (not representing valid elliptic curve points) cause the unwrap() to panic, immediately terminating the node process. This violates Rust safety practices of handling Result types from cryptographic deserialization operations.

RemediationAI

Upgrade nimiq-primitives to version 1.3.0 or later, as confirmed by vendor release at https://github.com/nimiq/core-rs-albatross/releases/tag/v1.3.0. The patch at https://github.com/nimiq/core-rs-albatross/commit/e10eaebcd7774e5da6d0ff5e88ed13503474f0ff adds proper validation of compressed BLS key bytes before decompression, replacing unwrap() with checked error handling. For Rust projects using nimiq-primitives as a dependency, update Cargo.toml to require version >=1.3.0 and run cargo update. No workarounds exist per vendor advisory. Compensating controls if immediate patching is impossible: (1) restrict peer-to-peer network access to trusted validator nodes only using firewall rules (blocks random malicious peers but limits decentralization and may violate blockchain network participation requirements), (2) implement external process monitoring to automatically restart crashed nodes (reduces downtime but does not prevent exploitation and may mask ongoing attacks), (3) deploy intrusion detection to alert on repeated node crashes (detection only, no prevention). All compensating controls have significant operational trade-offs and should be temporary measures only.

Share

EUVD-2026-25062 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy