Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-46543
PUBLISHED
More InfoOfficial Page
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
View Known Exploited Vulnerability (KEV) details
Published At-09 Jun, 2026 | 23:47
Updated At-10 Jun, 2026 | 16:32
Rejected At-
▼CVE Numbering Authority (CNA)
nimiq-blockchain: Genesis batch set request

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote peer can crash any full node by sending a RequestBatchSet message containing the genesis block's hash. The handler calls get_epoch_chunks which iterates backwards through macro blocks using Policy::macro_block_before. When it reaches the genesis block number, macro_block_before panics with "No macro blocks before genesis block". This issue has been patched in version 1.5.0.

Affected Products
Vendor
nimiq
Product
core-rs-albatross
Versions
Affected
  • < 1.5.0
Problem Types
TypeCWE IDDescription
CWECWE-617CWE-617: Reachable Assertion
Type: CWE
CWE ID: CWE-617
Description: CWE-617: Reachable Assertion
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-vghx-352f-93jm
x_refsource_CONFIRM
https://github.com/nimiq/core-rs-albatross/pull/3745
x_refsource_MISC
https://github.com/nimiq/core-rs-albatross/releases/tag/v1.5.0
x_refsource_MISC
Hyperlink: https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-vghx-352f-93jm
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/nimiq/core-rs-albatross/pull/3745
Resource:
x_refsource_MISC
Hyperlink: https://github.com/nimiq/core-rs-albatross/releases/tag/v1.5.0
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found