CVE-2026-34202 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-chain version 6.0.1, a vulnerability in Zebra's transaction processing l…
Critical CVSS: 9.2

CVE-2026-34202

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-chain version 6.0.1, a vulnerability in Zebra's transaction processing logic allows a remote, unauthenticated attacker to cause a Zebra node to panic (crash). This is triggered by sending a specially crafted V5 transaction that passes initial deserialization but fails during transaction ID calculation. This issue has been patched in zebrad version 4.3.0 and zebra-chain version 6.0.1.
Vendor
-
Product
-
CWE
CWE-94
Yayın Tarihi
2026-03-31 15:16:17
Güncelleme
2026-04-01 14:24:02
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-94 CRITICAL 2026

Referanslar

https://github.com/ZcashFoundation/zebra/releases/tag/v4.3.0 https://github.com/ZcashFoundation/zebra/security/advisories/GHSA-qp6f-w4r3-h8wg https://zfnd.org/zebra-4-3-0-critical-security-fixes-zip-235-support-and-performance-improvements