CVE-2026-34065
Panic Vulnerability in nimiq-primitives via Invalid BLS Voting Key
Publication date: 2026-04-22
Last updated on: 2026-04-24
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nimiq | nimiq_proof-of-stake | to 1.3.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-252 | The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions. |
| CWE-755 | The product does not handle or incorrectly handles an exceptional condition. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the nimiq-primitives library used in Nimiq's Rust implementation. Before version 1.3.0, an untrusted peer in the peer-to-peer network can cause a node to panic by announcing an election macro block that contains an invalid compressed BLS voting key in its validators set. When the node tries to hash the election macro header, it processes the validators and attempts to uncompress the voting key. If the voting key bytes are invalid, this causes the node to panic, leading to a denial of service.
How can this vulnerability impact me? :
The primary impact of this vulnerability is a denial of service (DoS) condition. An attacker controlling an untrusted peer can cause a node to panic and potentially crash by sending election macro blocks with invalid voting keys. This disrupts the normal operation of the node, affecting availability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should upgrade the nimiq-primitives package to version 1.3.0 or later, where the patch for this issue is included.
No known workarounds are available, so applying the update is the immediate and recommended step.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability causes a denial-of-service condition by crashing nodes when processing election macro blocks with invalid compressed BLS voting keys. It impacts availability but does not affect confidentiality or integrity of data.
Since the vulnerability only affects availability and does not lead to unauthorized access, data leakage, or data modification, it does not directly impact compliance with data protection regulations such as GDPR or HIPAA, which primarily focus on confidentiality and integrity of personal or sensitive data.
However, the availability impact could indirectly affect compliance if the service disruption prevents timely access to data or services required under these regulations.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability occurs when an untrusted peer announces an election macro block containing invalid compressed BLS voting keys, causing the node to panic during block hashing. Detection involves monitoring for node crashes or panics triggered by malformed election macro blocks.
Since the vulnerability is triggered by invalid compressed BLS voting keys in election macro blocks, one way to detect it is to observe logs or error messages related to panics or crashes in the node software when processing such blocks.
The patch introduces explicit validation methods such as `validate_keys()` and early block header verification (`verify_header()`) to reject malformed blocks before hashing. If you are running a patched version (v1.3.0 or later), these checks will prevent crashes.
For unpatched systems, there are no known direct detection commands provided in the resources. However, you can monitor the node logs for panic messages related to `uncompress().unwrap()` failures or crashes during election macro block processing.
No specific command-line tools or commands are provided in the resources to detect this vulnerability on your network or system.