EUVD-2026-25064
GHSA-j99g-7rqw-q9jg
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
Impact
HistoryStore::put_historic_txns uses an assert! to enforce invariants about HistoricTransaction.block_number (must be within the macro block being pushed and within the same epoch). During history sync, a peer can influence the history: &[HistoricTransaction] input passed into Blockchain::push_history_sync, and a malformed history list can violate these invariants and trigger a panic.
extend_history_sync calls this.history_store.add_to_history(..) before comparing the computed history root against the macro block header (block.history_root()), so the panic can happen before later rejection checks run.
Patches
The patch for this vulnerability is included as part of v1.3.0.
Workarounds
No known workarounds.
AnalysisAI
Denial of service in Nimiq Core's history synchronization allows remote peers to trigger a panic in HistoryStore::put_historic_txns by submitting malformed transaction history with block numbers violating invariant constraints. During history sync, the panic occurs before validation checks compare the computed history root against the macro block header, causing affected nodes to crash. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Share
External POC / Exploit Code
Leaving vuln.today