Primary

Context

Bitcoin Core Denial-of-Service Vulnerability via Crafted Transactions

Vulnerability

Patched

A denial-of-service vulnerability has been identified in Bitcoin Core versions through 29.0. The issue arises when the software processes unconfirmed transactions that have been specially crafted. These transactions, while non-standard and ultimately rejected, consume a significant amount of CPU time for each node that validates them. This resource exhaustion can delay block propagation across the network.

Impact

Exploitation of this vulnerability leads to increased CPU usage on affected nodes, causing a slowdown in transaction processing and block propagation.

Remediation

Users can upgrade to Bitcoin Core version 30.0 or later to address this vulnerability.

Added: Mar 20, 2026, 3:22 PM

Updated: Mar 20, 2026, 3:22 PM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

0.6

exploitability

8.3

remediation

7.7

relevance

4.2

threat

0.0

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

0.6

exploitability

8.3

remediation

7.7

relevance

4.2

threat

0.0

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Bitcoin Core Denial-of-Service Vulnerability via Crafted Transactions

Vulnerability

Impact

Remediation

Affected Products

Bitcoin Core

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating