CVE-2025-65548: n/a
NUT-14 allows cashu tokens to be created with a preimage hash. However, nutshell (cashubtc/nuts) before 0.18.0 does not validate the size of the preimage when the token is spent. The preimage is stored by the mint, and an attacker can exploit this vulnerability to fill the mint's db and disk with arbitrary data.
AI Analysis
Technical Summary
CVE-2025-65548 identifies a critical vulnerability in nutshell (cashubtc/nuts) versions prior to 0.18.0 related to improper validation of preimage sizes when spending cashu tokens. Cashu tokens utilize a cryptographic preimage hash mechanism, where the preimage is revealed upon token spending to prove ownership. However, nutshell fails to enforce size constraints on these preimages, allowing an attacker to craft tokens with excessively large preimages. When such tokens are spent, the mint stores the preimage data in its database and disk storage without limitation. This flaw can be exploited remotely without authentication or user interaction, as the CVSS vector indicates network attack vector, low attack complexity, and no privileges required. The primary impact is a denial-of-service condition through resource exhaustion, potentially filling the mint’s database and disk space, leading to service degradation or outages. The vulnerability is categorized under CWE-1284, which relates to improper validation of input sizes. Although no public exploits have been reported yet, the high CVSS score (9.1) reflects the critical nature of this flaw. The absence of patch links suggests that a fix is either pending or must be obtained from the vendor’s latest releases. Organizations relying on nutshell for managing cashu tokens must be aware of this risk and act promptly to prevent exploitation.
Potential Impact
For European organizations, especially those involved in cryptocurrency services, fintech, or digital payment systems utilizing nutshell for cashu token management, this vulnerability poses a significant risk of denial-of-service attacks. An attacker could remotely flood the mint’s storage with large preimage data, causing database bloat and disk exhaustion, which may lead to system crashes, service unavailability, and potential data corruption. This disruption could affect transaction processing, customer trust, and regulatory compliance, particularly under stringent EU data protection and operational resilience requirements. The inability to process legitimate token spends could also impact financial operations and liquidity. Additionally, recovery from such an attack might require costly database maintenance or hardware upgrades. Given the critical severity and ease of exploitation, the threat could be leveraged by cybercriminals or hacktivists targeting European crypto infrastructure to cause operational disruptions.
Mitigation Recommendations
The primary mitigation is to upgrade nutshell to version 0.18.0 or later, where proper validation of preimage sizes is enforced. Until an upgrade is possible, organizations should implement input validation at the application or network layer to restrict the size of preimage data accepted by the mint. Rate limiting and anomaly detection mechanisms should be deployed to identify and block abnormal token spend requests with unusually large preimages. Monitoring disk usage and database growth closely can provide early warning signs of exploitation attempts. Additionally, segregating the mint’s database storage on dedicated volumes with quota management can limit the impact of resource exhaustion. Organizations should also review and harden their incident response plans to address potential denial-of-service scenarios related to this vulnerability. Engaging with the nutshell vendor or community for patches and security advisories is recommended to stay updated on fixes and best practices.
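As an added illustration of the size check recommended above (example code written for this page, not nutshell's own implementation), the following Python contrasts a witness store that persists whatever preimage it receives with one that validates the witness before anything is written. It assumes, which the advisory does not state, that a NUT-14 preimage is the 32-byte SHA-256 preimage serialised as 64 hex characters; `validate_preimage`, `lock_for`, the two store classes and `demo` are hypothetical names, and the 1 MiB witness in `demo` is constructed for the scenario.

```python
import hashlib
import hmac
import re

# Assumed (not stated in the advisory): a NUT-14 HTLC preimage is the 32-byte
# SHA-256 preimage, serialised as exactly 64 hex characters. Any witness that
# does not fit that shape is refused before it is hashed, decoded or stored.
PREIMAGE_HEX_LEN = 64
_HEX = re.compile(r"[0-9a-fA-F]+")


class WitnessRejected(ValueError):
    """Raised when a spend's witness fails validation."""


def lock_for(preimage: bytes) -> str:
    """Hex SHA-256 lock hash for a preimage (the value the token commits to)."""
    return hashlib.sha256(preimage).hexdigest()


def validate_preimage(preimage_hex: str, expected_hash_hex: str) -> bytes:
    """Return the preimage bytes if the witness is well-formed and opens the lock.

    Order matters: the cheap length check runs first, so an oversized payload
    is refused without being hashed, decoded or written anywhere.
    """
    if not isinstance(preimage_hex, str) or len(preimage_hex) != PREIMAGE_HEX_LEN:
        raise WitnessRejected("preimage must be exactly %d hex characters" % PREIMAGE_HEX_LEN)
    if not _HEX.fullmatch(preimage_hex):
        raise WitnessRejected("preimage is not hex")
    preimage = bytes.fromhex(preimage_hex)
    # Constant-time compare: the lock hash comes from the token, the digest from the witness.
    if not hmac.compare_digest(lock_for(preimage), expected_hash_hex.lower()):
        raise WitnessRejected("preimage does not hash to the lock")
    return preimage


class VulnerableWitnessStore:
    """Models the pre-0.18.0 behaviour: whatever witness arrives is persisted as-is."""

    def __init__(self):
        self.rows = {}  # hypothetical stand-in for the mint's spent-proof table

    def spend(self, lock_hash_hex: str, preimage_hex: str) -> None:
        self.rows[lock_hash_hex] = preimage_hex  # no size check before storage

    def stored_bytes(self) -> int:
        return sum(len(k) + len(v) for k, v in self.rows.items())


class HardenedWitnessStore(VulnerableWitnessStore):
    """Same store, but the witness is validated before it touches storage."""

    def spend(self, lock_hash_hex: str, preimage_hex: str) -> None:
        validate_preimage(preimage_hex, lock_hash_hex)
        super().spend(lock_hash_hex, preimage_hex)


def demo() -> dict:
    """Constructed scenario: one honest spend followed by one oversized witness."""
    honest = bytes(range(32))                 # constructed 32-byte preimage
    lock = lock_for(honest)
    other_lock = lock_for(b"constructed second lock")
    oversized = "ab" * 512 * 1024             # constructed 1 MiB hex witness

    vulnerable = VulnerableWitnessStore()
    vulnerable.spend(lock, honest.hex())
    vulnerable.spend(other_lock, oversized)   # accepted: storage grows by ~1 MiB

    hardened = HardenedWitnessStore()
    hardened.spend(lock, honest.hex())
    try:
        hardened.spend(other_lock, oversized)
        rejected = False
    except WitnessRejected:
        rejected = True
    return {
        "vulnerable_bytes": vulnerable.stored_bytes(),
        "hardened_bytes": hardened.stored_bytes(),
        "oversized_rejected": rejected,
    }


if __name__ == "__main__":
    print(demo())
```

The length check deliberately runs before hashing: a bound that is only enforced after the witness has been decoded or hashed still lets an attacker make the mint do work proportional to the payload, so the limit belongs at the first point the request is parsed. The same pattern applies at a reverse proxy as a request-body size cap while an upgrade is pending.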
Affected Countries
Germany, Netherlands, United Kingdom, France, Switzerland, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2025-11-18T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 693717ba06c06374c7fca71b
Added to database: 12/8/2025, 6:23:54 PM
Last enriched: 12/16/2025, 4:43:06 AM
Last updated: 2/4/2026, 9:22:41 PM