VYPR

Zcash

by Zcash

Source repositories

CVEs (4)

  • CVE-2026-35679LowApr 5, 2026
    risk 0.16cvss 3.5epss 0.00

    Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, which potentially could have resulted in the draining of user funds from the Sprout pool. It was sometimes not verifying Sprout proofs.

  • CVE-2019-16930Sep 28, 2019
    risk 0.00cvss epss 0.02

    Zcashd in Zcash before 2.0.7-3 allows discovery of the IP address of a full node that owns a shielded address, related to mishandling of exceptions during deserialization of note plaintexts. This affects anyone who has disclosed their zaddr to a third party.

  • CVE-2019-11636May 1, 2019
    risk 0.00cvss epss 0.02

    Zcash 2.x allows an inexpensive approach to "fill all transactions of all blocks" and "prevent any real transaction from occurring" via a "Sapling Wood-Chipper" attack.

  • CVE-2019-7167Mar 27, 2019
    risk 0.00cvss epss 0.02

    Zcash, before the Sapling network upgrade (2018-10-28), had a counterfeiting vulnerability. A key-generation process, during evaluation of polynomials related to a to-be-proven statement, produced certain bypass elements. Availability of these elements allowed a cheating prover…