Critical severity9.1GHSA Advisory· Published Dec 8, 2025· Updated Apr 15, 2026
CVE-2025-65849
CVE-2025-65849
Description
A cryptanalytic break in Altcha Proof-of-Work obfuscation mode version 0.8.0 and later allows for remote visitors to recover the Proof-of-Work nonce in constant time via mathematical deduction. NOTE: this is disputed by the Supplier because the product's objective is "to discourage automated scraping / bots, not guarantee resistance to determined attackers." The documentation states “the goal is not to provide a secure cryptographic algorithm but to use a proof-of-work mechanism that allows any capable device to decrypt the hidden data.”
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
altchanpm | >= 0.8.0, <= 2.2.4 | — |
Affected products
2- Range: >= 0.8.0, <= 2.2.4
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.