SecuriTricks - CVE-2026-46539

Description

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, a logic flaw in BlockInclusionProof::is_block_proven causes the function to return true without performing any cryptographic verification when get_interlink_hops yields an empty hop list. This occurs when the target block is at the election block position immediately preceding the election head's epoch. An attacker providing transaction inclusion proofs can forge a MacroBlock header for that epoch position and have it accepted as "proven" without any hash or signature verification. This issue has been patched in version 1.4.0.

Product(s) Impacted

Vendor	Product	Versions
Nimiq	Nimiq	<1.4.0

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-345

Insufficient Verification of Data Authenticity

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
a	nimiq	nimiq	<1.4.0	/	/	/	/	/	/

References

https://github.com/nimiq/core-rs-albatross/pull/3705

https://github.com/nimiq/core-rs-albatross/releases/tag/v1.4.0

https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-799f-29jm-gr6c

CVSS Score

5.9 / 10

CVSS Data - 3.1

Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

View Vector String

Timeline

Published: June 10, 2026, 12:16 a.m.
Last Modified: June 10, 2026, 12:16 a.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

[email protected]

CVE-2026-46539