zebrad vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-52829Highzebra-network: Zebra Address Book Aborted by IPv4-Mapped Mempool Misbehavior UpdateCVE-2026-52734Mediumzebrad: zebrad has unbounded memory leak in mempool download pipeline via timeout path cancel_handles…CVE-2026-52733Mediumzebra-state: zebrad has persistent on-disk corruption of Sapling/Orchard subtree roots after chain fork via…CVE-2026-52739Mediumzebra-state: Zebra: Repeated Non-Finalized Shielded Transaction Aborts Zebra Before Duplicate-Nullifier RejectionCVE-2026-52738Mediumzebra-state: Zebra: Finalized address balance credit-first overflow on consensus-valid blocksCVE-2026-52737Mediumzebra-consensus: Zebra has sync restart poisoning from single unauthenticated peer via above-lookahead blockCVE-2026-52735Criticalzebra-script: zebrad has consensus divergence via P2SH sigop undercount in pure-Rust disabled-opcode parserCVE-2026-52736Highzebra-state: Zebra has block suppression via NU5 same-header body poisoning of sent-hash cacheGHSA-H72H-PPCX-998PLowzebra-network: Zebra has pre-handshake buffer capacity reservation based on attacker-claimed body lengthCVE-2026-52732Mediumzebrad: zebrad has mempool transaction admission denial via single-peer inbound queue saturationGHSA-C8W6-X74F-VMG3Mediumzebra-rpc: zebrad vulnerable to full node denial of service via crafted Sapling receiver in…GHSA-443G-GWGP-49X4Lowzebrad: zebrad vulnerable to getblocks/getheaders locator CPU amplification via uncapped vector lengthCVE-2026-52731Mediumzebra-rpc: zebrad has full node denial of service via non-ASCII LongPollId in getblocktemplateCVE-2026-44499Highzebrad: Zebra has Permanent Block Discovery Halt via Gossip Queue Saturation and Syncer PoisoningGHSA-PVMV-CWG8-V6C8Criticalzebrad: Zebra v4.4.0 still accepts V5 SIGHASH_SINGLE without a corresponding outputGHSA-CWFQ-RFCR-8HMPCriticalzebrad: Zebra's Transparent SIGHASH_SINGLE Handling Diverges from zcashd for Corresponding OutputsCVE-2026-44497Criticalzebra-script: Zebra has Consensus Divergence in Transparent Sighash Hash-Type Handling due to Stale BufferCVE-2026-44500Mediumzebra-network: Zebra Vulnerable to Allocation Amplification in Inbound Network DeserializersCVE-2026-44498Criticalzebrad: Zebra's Block Validator Undercounts Coinbase and P2SH SigopsCVE-2026-41583Criticalzebrad: Zebra Vulnerable to Consensus Divergence in Transparent Sighash Hash-Type HandlingCVE-2026-41585Mediumzebra-rpc: Zebra Vulnerable to Denial of Service via Interrupted JSON-RPC Requests from Authenticated ClientsCVE-2026-41584Criticalzebrad: Zebra has rk Identity Point Panic in Transaction VerificationCVE-2026-40881Mediumzebrad: Zebra: addr/addrv2 Deserialization Resource ExhaustionCVE-2026-40880Highzebra-consensus: Zebra: Cached Mempool Verification Bypasses Consensus Rules for Ahead-of-Tip BlocksCVE-2026-34377Highzebrad: Zebra has a Consensus Failure due to Improper Verification of V5 Transactions

Stop the waste.
Protect your environment with Kodem.