CVE-2026-35679: Zcashd Invalid Transactions - Version 0-6.12.0
Plattform
linux
Komponente
zcashd
Behoben in
6.12.0
CVE-2026-35679 describes a vulnerability in Zcashd where invalid transactions could be accepted under specific circumstances. This flaw could potentially lead to the draining of user funds from the Sprout pool, a critical component of the Zcash network. The vulnerability impacts versions of Zcashd from 0.0.0 up to and including 6.12.0. A patch addressing this issue is available in version 6.12.0.
So beheben
Kein offizieller Patch verfügbar. Prüfe auf Workarounds oder überwache auf Updates.
Häufig gestellte Fragen
What is CVE-2026-35679?
CVE-2026-35679 is a security vulnerability in Zcashd that allows invalid transactions to be accepted, potentially leading to the draining of user funds from the Sprout pool due to insufficient Sprout proof verification.
Am I affected by CVE-2026-35679?
You are potentially affected if you are running a version of Zcashd prior to 6.12.0 (versions 0.0.0 through 6.12.0 are vulnerable).
How do I fix CVE-2026-35679?
Update your Zcashd software to version 6.12.0 or later to resolve this vulnerability. This update includes the necessary fix for proper Sprout proof verification.
Abhängigkeiten automatisch überwachen
Werde benachrichtigt, wenn neue Schwachstellen deine Projekte betreffen. Für immer kostenlos.
Kostenlos starten