CVE-2026-34064 · HIGH 8.2 · EPSS p19.0%

CVE-2026-34064

Description

nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, `VestingContract::can_change_balance` returns `AccountError::InsufficientFunds` when `new_balance < min_cap`, but it constructs the error using `balance: self.balance - min_cap`. `Coin::sub` panics on underflow, so if an attacker can reach a state where `min_cap > balance`, the node crashes while trying to return an error. The `min_cap > balance` precondition is attacker-reachable because the vesting contract creation data (32-byte format) allows encoding `total_amount` without validating `total_amount <= transaction.value` (the real contract balance). After creating such a vesting contract, the attacker can broadcast an outgoing transaction to trigger the panic during mempool admission and block processing. The patch for this vulnerability is included as part of v1.3.0. No known workarounds are available.
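The panic path described above, reduced to a runnable model (added here for illustration; it is not code from nimiq-account, and `Coin`, `AccountError` and `VestingContract` are simplified stand-ins whose only assumed property is that `Coin`'s subtraction panics on underflow, as the description states). The vulnerable check is shown beside a hardened form that builds the error without a panicking subtraction, plus the creation-time check the description identifies as missing; neither is claimed to be the upstream patch.

```rust
use std::ops::Sub;

// Constructed stand-in for the advisory's Coin type: an unsigned newtype
// whose `Sub` impl panics on underflow (assumption, not the project's code).
#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub struct Coin(pub u64);

impl Sub for Coin {
    type Output = Coin;
    fn sub(self, rhs: Coin) -> Coin {
        Coin(self.0.checked_sub(rhs.0).expect("Coin underflow"))
    }
}

#[derive(Debug, PartialEq, Eq)]
pub enum AccountError {
    InsufficientFunds { balance: Coin }, // simplified to the field the advisory names
}

pub struct VestingContract {
    pub balance: Coin,
}

impl VestingContract {
    // Pattern the advisory describes: the error payload is computed with a
    // panicking subtraction, so min_cap > balance crashes instead of returning Err.
    pub fn can_change_balance_vulnerable(&self, new_balance: Coin, min_cap: Coin) -> Result<(), AccountError> {
        if new_balance < min_cap {
            return Err(AccountError::InsufficientFunds { balance: self.balance - min_cap });
        }
        Ok(())
    }

    // Hardened form (assumed, not necessarily the upstream patch): build the
    // error with a non-panicking subtraction so the rejection path cannot crash.
    pub fn can_change_balance_fixed(&self, new_balance: Coin, min_cap: Coin) -> Result<(), AccountError> {
        if new_balance < min_cap {
            let shortfall = Coin(self.balance.0.saturating_sub(min_cap.0));
            return Err(AccountError::InsufficientFunds { balance: shortfall });
        }
        Ok(())
    }
}

// Creation-time invariant the advisory identifies as missing: the encoded
// total_amount must not exceed the funding transaction's value.
pub fn creation_data_is_valid(total_amount: Coin, tx_value: Coin) -> bool {
    total_amount <= tx_value
}
```

Enforcing the creation-time check removes the `min_cap > balance` precondition entirely; the hardened subtraction is defence in depth for the error path itself.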

Scoring

CVSS 3.1: 8.2 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
EPSS: 0.27% probability of exploitation · percentile 19.0% · 2026-06-19T12:03:05Z
Published: 2026-04-22
Last modified: 2026-04-24

Underlying weaknesses · 1

CWE-191

References

  1. https://github.com/nimiq/core-rs-albatross/commit/4d01946f0b3d6c6e31786f91cdfb3eb902908da0
  2. https://github.com/nimiq/core-rs-albatross/pull/3658
  3. https://github.com/nimiq/core-rs-albatross/releases/tag/v1.3.0
  4. https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-vc34-39q2-m6q3

Type      Target                                            Confidence  Tier
Weakness  Integer Underflow (Wrap or Wraparound), cwe-191   0%          live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2026-40093
  2. CVE-2026-33471
  3. CVE-2026-46543
  4. CVE-2026-46540
  5. CVE-2026-46545
  6. CVE-2026-46539
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.