CVE-2026-34061

MEDIUM EPSS 8.5%
Published Apr 3, 20263mo ago · Modified Jun 17, 20262w ago
6.5 CVSS 3.1
Medium
Find Similar
Published Apr 3, 2026 3mo ago
Last Modified Jun 17, 2026 2w ago

Description

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, an elected validator proposer can send an election macro block whose header.interlink does not match the canonical next interlink. Honest validators accept that proposal in verify_macro_block_proposal() because the proposal path validates header shape, successor relation, proposer, body root, and state, but never checks the interlink binding for election blocks. The same finalized block is later rejected by verify_block() during push with InvalidInterlink. Because validators prevote and precommit the malformed header hash itself, the failure happens after Tendermint decides the block, not before voting. This issue has been patched in version 1.3.0.

CVSS Details

Base Score
6.5
Exploitability
2.8
Impact
3.6
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
8.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-345

Affected Products 1

VendorProductVersionRange
nimiqnimiq_proof-of-stake* ≤1.2.2

References 4

  • github.com https://github.com/nimiq/core-rs-albatross/commit/9d7d17c9163384e79f61cdbbfe9853ae57bb8bf7
    Patch
  • github.com https://github.com/nimiq/core-rs-albatross/pull/3668
    Patch
  • github.com https://github.com/nimiq/core-rs-albatross/releases/tag/v1.3.0
    Release Notes
  • github.com https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-gr83-j5f8-p2r5
    Third Party Advisory

Remediation

  • github.com https://github.com/nimiq/core-rs-albatross/commit/9d7d17c9163384e79f61cdbbfe9853ae57bb8bf7
    Patch
  • github.com https://github.com/nimiq/core-rs-albatross/pull/3668
    Patch