VYPR
High severity7.5GHSA Advisory· Published Jun 10, 2026· Updated Jun 10, 2026

CVE-2026-46545

CVE-2026-46545

Description

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::put_chunk allows any state-sync peer to crash any node performing state synchronization (freshly joining nodes and recovering nodes). This issue has been patched in version 1.5.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
nimiq-primitivescrates.io
< 1.5.01.5.0

Affected products

1

Patches

Vulnerability mechanics

References

6

News mentions

1