Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitcoin core vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-34149
In Bitcoin Core up to and including 27.0 and Bitcoin Knots prior to 25.1.knots20231115, tapscript lacks a policy size limit check, a different issue than CVE-2023-50428. NOTE: some parties oppose this new limit check (for example, because they agree with the objective but disagre...
5.3
CVSSv3
CVE-2023-50428
In Bitcoin Core up to and including 26.0 and Bitcoin Knots prior to 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerabili...
Bitcoin Bitcoin Core
Bitcoinknots Bitcoin Knots
7.5
CVSSv3
CVE-2023-37192
Memory management and protection issues in Bitcoin Core v22 allows malicious users to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing.
Bitcoin Bitcoin Core 22.0
7.5
CVSSv3
CVE-2023-33297
Bitcoin Core prior to 24.1, when debug mode is not used, allows malicious users to cause a denial of service (e.g., CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023.
Bitcoin Bitcoin Core
6.5
CVSSv3
CVE-2021-31876
Bitcoin Core 0.12.0 up to and including 0.21.1 does not properly implement the replacement policy specified in BIP125, which makes it easier for malicious users to trigger a loss of funds, or a denial of service attack against downstream projects such as Lightning network nodes. ...
Bitcoin Bitcoin
9.8
CVSSv3
CVE-2021-3401
Bitcoin Core prior to 0.19.0 might allow remote malicious users to execute arbitrary code when another application unsafely passes the -platformpluginpath argument to the bitcoin-qt program, as demonstrated by an x-scheme-handler/bitcoin handler for a .desktop file or a web brows...
Bitcoin Bitcoin
7.5
CVSSv3
CVE-2021-3195
bitcoind in Bitcoin Core up to and including 0.21.0 can create a new file in an arbitrary directory (e.g., outside the ~/.bitcoin directory) via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of...
Bitcoin Bitcoin Core
7.5
CVSSv3
CVE-2020-14198
Bitcoin Core 0.20.0 allows remote denial of service.
Bitcoin Bitcoin Core 0.20.0
7.5
CVSSv3
CVE-2018-17145
Bitcoin Core 0.16.x prior to 0.16.2 and Bitcoin Knots 0.16.x prior to 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin C...
Bcoin Bcoin
Bitcoin Bitcoin Core
Bitcoinknots Bitcoin Knots
Btcd Project Btcd 0.3.0
Btcd Project Btcd 0.3.1
Btcd Project Btcd 0.3.2
Btcd Project Btcd 0.3.3
Btcd Project Btcd 0.4.0
Btcd Project Btcd 0.5.0
Btcd Project Btcd 0.6.0
Btcd Project Btcd 0.7.0
Btcd Project Btcd 0.8.0
Btcd Project Btcd 0.9.0
Btcd Project Btcd 0.10.0
Btcd Project Btcd 0.11.0
Btcd Project Btcd 0.11.1
Btcd Project Btcd 0.12.0
Btcd Project Btcd 0.13.0
Btcd Project Btcd 0.20.0
Btcd Project Btcd 0.20.1
Decred Dcrd
Litecoin Litecoin
7.5
CVSSv3
CVE-2017-12842
Bitcoin Core prior to 0.14 allows an malicious user to create an ostensibly valid SPV proof for a payment to a victim who uses an SPV wallet, even if that payment did not actually occur. Completing the attack would cost more than a million dollars, and is relevant mainly only in ...
Bitcoin Bitcoin Core
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »