CVE-2026-34061: CWE-345: Insufficient Verification of Data Authenticity in nimiq core-rs-albatross
A vulnerability in nimiq/core-rs-albatross versions prior to 1.3.0 allows an elected validator proposer to send an election macro block with an invalid interlink header. Honest validators accept the malformed proposal initially but later reject the finalized block due to an invalid interlink, causing a failure after Tendermint consensus has been reached. This issue has been fixed in version 1.3.0.
AI Analysis (machine-generated threat intelligence)
Technical Summary
The vulnerability (CVE-2026-34061) affects the Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Before version 1.3.0, the verify_macro_block_proposal() function does not verify that the election macro block's header.interlink matches the canonical next interlink. This allows a proposer to submit a malformed macro block proposal that passes initial checks but is later rejected by verify_block() with an InvalidInterlink error during block push. Because validators prevote and precommit the malformed header hash, the failure occurs after Tendermint consensus finalizes the block, potentially disrupting consensus flow. The vulnerability is classified under CWE-345 (Insufficient Verification of Data Authenticity) and has a CVSS 3.1 score of 4.9 (medium severity).
Potential Impact
The vulnerability can cause consensus disruption by allowing a malformed election macro block to be accepted initially but rejected later, leading to failed block finalization after consensus voting. This may result in denial of service or instability in the blockchain network relying on the affected software. There is no indication of confidentiality or integrity compromise beyond consensus disruption. No known exploits in the wild have been reported.
Mitigation Recommendations
Upgrade to nimiq/core-rs-albatross version 1.3.0 or later, where this issue has been patched. No other mitigation or temporary workaround is indicated. The vendor advisory does not state a patch status explicitly, but the fix is included in version 1.3.0.
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-03-25T16:21:40.866Z
- CVSS Version: 3.1
- State: PUBLISHED
- Remediation Level: null
Threat ID: 69d03f860a160ebd92619e1b
Added to database: 4/3/2026, 10:30:30 PM
Last enriched: 4/3/2026, 10:45:41 PM
Last updated: 4/3/2026, 11:33:23 PM