CVE-2026-40094
nimiq-blockchain PeerContact Crash via Empty Address List

Publication date: 2026-05-20

Last updated on: 2026-05-20

Assigner: GitHub, Inc.

Description
nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and prior, network-libp2p discovery accepts signed PeerContact updates from untrusted peers and stores them in a peer contact book, which can eventually lead to an address book crash. A PeerContact can legally contain an empty addresses list (no intrinsic validation enforces non-empty). Later, PeerContactBook::known_peers builds an address book by taking addresses.first().expect("every peer should have at least one address"). If an attacker has inserted a signed peer contact with addresses=[], any call to get_address_book (RPC/web client) can panic and crash the node or the RPC task, depending on panic settings. This issue has been fixed in version 1.4.0.
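As an added illustration (not nimiq's own code), the following simplified model of a peer contact book places the unwrap pattern the advisory describes next to a hardened version that rejects empty address lists at insertion time and tolerates them at read time. The PeerContact and PeerContactBook shapes, the insert_unchecked method and the multiaddr strings are assumed or constructed for this example.

```rust
use std::collections::HashMap;

// Assumed, simplified model of a signed peer contact; not the nimiq types.
#[derive(Clone, Debug, PartialEq)]
pub struct PeerContact {
    pub peer_id: String,
    pub addresses: Vec<String>,
}

#[derive(Default)]
pub struct PeerContactBook {
    contacts: HashMap<String, PeerContact>,
}

impl PeerContactBook {
    /// Models the pre-1.4.0 behaviour: any signed contact is stored, even with no addresses.
    pub fn insert_unchecked(&mut self, contact: PeerContact) {
        self.contacts.insert(contact.peer_id.clone(), contact);
    }

    /// Hardened insert: a contact with no addresses never reaches the book.
    pub fn insert(&mut self, contact: PeerContact) -> Result<(), &'static str> {
        if contact.addresses.is_empty() {
            return Err("rejected PeerContact with empty address list");
        }
        self.contacts.insert(contact.peer_id.clone(), contact);
        Ok(())
    }

    /// The vulnerable pattern from the advisory: expect() panics on an empty address list.
    pub fn known_peers_vulnerable(&self) -> Vec<(String, String)> {
        let mut out: Vec<_> = self.contacts.values()
            .map(|c| (c.peer_id.clone(),
                      c.addresses.first().expect("every peer should have at least one address").clone()))
            .collect();
        out.sort(); // deterministic order for callers and tests
        out
    }

    /// Hardened read path: a contact without addresses is skipped instead of unwrapped.
    pub fn known_peers(&self) -> Vec<(String, String)> {
        let mut out: Vec<_> = self.contacts.values()
            .filter_map(|c| c.addresses.first().map(|a| (c.peer_id.clone(), a.clone())))
            .collect();
        out.sort();
        out
    }
}
```

Both defences are worth keeping: rejecting at insertion stops the bad record from being persisted, and the filter on the read path keeps a record that slipped in earlier from taking the RPC task down.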
Meta Information
Published: 2026-05-20
Last Modified: 2026-05-20
Generated: 2026-06-10
AI Q&A: 2026-05-21
EPSS Evaluated: 2026-06-08
Affected Vendors & Products (2 associated CPEs)
Vendor: nimiq | Product: nimiq-blockchain | Version / Range: up to 1.4.0 (excluding)
Vendor: nimiq | Product: nimiq-blockchain | Version / Range: 1.4.0
CWE ID Description
CWE-754 The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
Executive Summary

The vulnerability exists in the nimiq-blockchain software versions 1.3.0 and earlier. It involves the network-libp2p discovery component accepting signed PeerContact updates from untrusted peers and storing them in a peer contact book. A PeerContact can legally have an empty list of addresses, but the software later assumes every peer has at least one address. If an attacker inserts a signed PeerContact with an empty addresses list, any call to get_address_book can cause the node or RPC task to panic and crash.

This issue was fixed in version 1.4.0.

Impact Analysis

This vulnerability can cause the node or RPC task of the nimiq-blockchain software to crash unexpectedly when it processes a malicious PeerContact with an empty address list. This can lead to denial of service, disrupting the availability of the node and potentially affecting network operations or services relying on it.

Mitigation Strategies

To mitigate this vulnerability, upgrade nimiq-blockchain to version 1.4.0 or later, where the issue has been fixed.

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Detection Guidance

This vulnerability can be detected by monitoring for crashes or panics in the Nimiq node or RPC tasks related to the get_address_book calls. Specifically, look for panic messages caused by the PeerContactBook::known_peers function expecting at least one address but receiving an empty addresses list.

Since the issue arises when a signed PeerContact update contains an empty addresses list, detection can involve inspecting network traffic or logs for PeerContact updates with empty address fields.

Suggested commands or approaches include:

  • Check node logs for panic or crash messages related to "every peer should have at least one address".
  • Use network packet inspection tools (e.g., tcpdump, Wireshark) to capture and analyze PeerContact update messages for empty address lists.
  • If you have access to the node's RPC interface, repeatedly call get_address_book and monitor for crashes or panics.
  • Use grep or similar tools on log files to search for panic traces, for example:
    grep -i 'every peer should have at least one address' /path/to/logfile