GHSA-mr7q-c9w9-wh4h

Опубликовано: 13 янв. 2026

Источник: github

Github: Прошло ревью

CVSS4: 7.1

Описание

go-ethereum is vulnerable to DoS via malicious p2p message affecting a vulnerable node

Impact

A vulnerable node can be forced to shutdown/crash using a specially crafted message. More details to be released later.

Credit

This issue was reported to the Ethereum Foundation Bug Bounty Program by DELENE TCHIO ROMUALD.

Ссылки

Пакеты

Наименование

github.com/ethereum/go-ethereum

Затронутые версииВерсия исправления

<= 1.16.7

1.16.8

EPSS

Процентиль: 32%

0.00125

Низкий

7.1 High

CVSS4

CVE ID

CVE-2026-22862

Дефекты

CWE-20

Связанные уязвимости

CVE-2026-22862

nvd

6 дней назад

go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.16.8.

CVE-2026-22862

debian

6 дней назад

go-ethereum (geth) is a golang execution layer implementation of the E ...

EPSS

Процентиль: 32%

0.00125

Низкий

7.1 High

CVSS4

CVE ID

CVE-2026-22862

Дефекты

CWE-20