ethereum

Top products

The 15 most recently published vulnerabilities affecting ethereum.

• CVE-2026-40072web3.py affected by SSRF via CCIP Read (EIP-3668) OffchainLookup URL handling7.2Apr 9, 2026
• CVE-2026-26315Go Ethereum Improperly Validates the ECIES Public Key in RLPx Handshake7.5Feb 19, 2026
• CVE-2026-26314Go Ethereum affected by DoS via malicious p2p message7.5Feb 19, 2026
• CVE-2026-26313Go Ethereum affected by DoS via malicious p2p message7.5Feb 19, 2026
• CVE-2026-22868go-ethereum has a DoS via malicious p2p message7.5Jan 13, 2026
• CVE-2026-22862go-ethereum has a DoS via malicious p2p message7.5Jan 13, 2026
• CVE-2015-20112RLPx 5 has two CTR streams based on the same key, IV, and nonce. This can facilitate decryption on a private network.3.4Jun 29, 2025
• CVE-2024-32972go-ethereum denial of service via malicious p2p message7.5May 6, 2024
• CVE-2023-42319Geth (aka go-ethereum) through 1.13.4, when --http --graphql is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a crafted GraphQL query. NOTE: th...7.5Oct 18, 2023
• CVE-2023-36980An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balance to be zeroed out when the value of betsize+casino.balance exceeds the threshold.5.3Sep 11, 2023
• CVE-2023-40591Denial of service via malicious p2p message in go-ethereum7.5Sep 6, 2023
• CVE-2022-1930ReDoS in eth-account encode_structured_data function5.9Aug 22, 2022
• CVE-2022-37450Go Ethereum (aka geth) through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main...5.9Aug 5, 2022
• CVE-2022-29177DoS via malicious p2p message in Go-Ethereum5.9May 20, 2022
• CVE-2021-42219Go-Ethereum v1.10.9 was discovered to contain an issue which allows attackers to cause a denial of service (DoS) via sending an excessive amount of messages to a node. This is caused by missing mem...7.5Mar 16, 2022