Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionGitHub Advisory
UltraDAG is a minimal DAG-BFT blockchain in Rust. Prior to commit fb6ef59, the UltraDAG StateEngine implementation of SmartTransferTx contains a critical logic flaw in its policy enforcement pipeline. When a transaction originates from a "Pocket" (a derived sub-address documented in the protocol as a way to organize funds), the engine fails to resolve the pocket's parent account before checking the spending policy. Because pockets are "virtual" addresses that exist only as entries in the pocket_to_parent map and do not have their own SmartAccountConfig entries, the check_spending_policy method defaults to an "authorized/no policy" result. This allow any user (or attacker in possession of a parent key) to instantly drain every pocket on an account, even if the parent account has a strict 24-hour vault delay or a 1 UDAG daily limit. This issue has been patched via commit fb6ef59.
AnalysisAI
Authentication bypass in UltraDAG Core blockchain allows remote unauthenticated attackers to drain all pocket-derived sub-addresses on smart accounts, completely bypassing vault delays and daily spending limits. The StateEngine fails to resolve pocket addresses to their parent account during policy enforcement, treating virtual pocket addresses as unrestricted accounts. Confirmed actively exploited (CISA KEV). Vendor-released patch: commit fb6ef59 resolves pocket-to-parent mapping before all policy checks. EPSS data unavailable but attack vector is network-accessible with no complexity (CVSS 4.0 AV:N/AC:L/PR:N), making this a critical priority for any UltraDAG deployment using smart account pockets.
Technical ContextAI
UltraDAG implements a DAG-BFT blockchain with smart accounts supporting 'pockets' - derived sub-addresses that organize funds under a parent account (similar to HD wallet derivation). The affected component is StateEngine in ultradag-coin/src/state/engine.rs, specifically the check_spending_policy method invoked during SmartTransferTx execution. Pockets exist only as entries in the pocket_to_parent HashMap and lack their own SmartAccountConfig records. The root cause (CWE-284: Improper Access Control) occurs because the policy enforcement pipeline queries self.smart_accounts.get_mut(&tx.from) directly without first resolving tx.from through pocket_to_parent. When tx.from is a pocket address, the lookup returns None, and the check_spending_policy method defaults to authorized/no-policy. Meanwhile, signature verification in verify_smart_transfer correctly resolves pockets to parents for authorization, creating an asymmetric security model where authentication succeeds via the parent key but enforcement bypasses the parent's configured vault delays (e.g., 24-hour holds) and daily limits (e.g., 1 UDAG caps). The CPE string cpe:2.3:a:ultradagcom:core identifies all versions prior to commit fb6ef59.
RemediationAI
Apply vendor-released patch by upgrading to UltraDAG Core commit fb6ef59d6c1385400e7acea7ae31fc6a473c3051 or later (https://github.com/UltraDAGcom/core/commit/fb6ef59d6c1385400e7acea7ae31fc6a473c3051). The patch adds pocket-to-parent resolution in three critical paths: check_spending_policy now resolves let policy_owner = self.pocket_to_parent.get(from).copied().unwrap_or(*from) before querying smart_accounts; vault creation records the origin address in a new PendingVaultTransfer.from field to ensure cancel refunds return to the correct surface; and vault execution resolves policy_owner for all limit checks. If immediate patching is not feasible, implement these compensating controls with noted trade-offs: (1) Disable pocket creation via node policy configuration - prevents new vulnerable addresses but does not protect existing pockets, and removes legitimate organizational functionality. (2) Monitor all SmartTransferTx transactions originating from pocket addresses (identifiable via on-chain pocket_to_parent mappings) and manually validate against parent policies - operationally intensive and does not prevent exploitation, only detects it post-facto. (3) Force-migrate all pocket balances to parent addresses via administrative tooling - requires coordinated user action and breaks pocket-based fund organization. None of these workarounds provide complete protection; patching is the only full remediation. Review the 265-line regression test suite in the patch commit (tests/smart_account_policy_pocket.rs) to validate fix completeness in your environment.
Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio
HashiCorp Terraform’s Vault Provider (terraform-provider-vault) did not correctly configure GCE-type bound labels for Va
An XML external entity (XXE) vulnerability in the Password Vault Web Access (PVWA) of CyberArk Enterprise Password Vault
PhotoRange Photo Vault 1.2 appends the password to the URI for authorization, which makes it easier for remote attackers
The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote attackers to execute
Account takeover in self-hosted Bitwarden Server before 2026.6.0 lets a low-privileged organization member steal any oth
vault-cli is a configurable command-line interface tool (and python library) to interact with Hashicorp Vault. Rated cri
The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 is missing validation for a client-provided parameter, w
The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 generates insufficiently random numbers, which allows re
HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak permissions for the sudo help
Atlantis is a self-hosted golang application that listens for Terraform pull request events via webhooks. Rated high sev
Coder allows organizations to provision remote development environments via Terraform. Rated high severity (CVSS 8.1), t
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-28526