Known Vulnerabilities for products from Ethereum
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Ethereum".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40072 json | Not Provided | 2026-04-09 | 2026-04-09 | |
| CVE-2023-42319 json | Geth (aka go-ethereum) through 1.13.4, when --http --graphql is used, allows remote attackers to cause a denial of service (m... | 7.5 - HIGH | 2023-10-18 | 2023-10-25 |
| CVE-2023-40591 json | go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node, can be made to con... | 7.5 - HIGH | 2023-09-06 | 2023-09-12 |
| CVE-2023-36980 json | An issue in Ethereum Blockchain v0.1.1+commit.6ff4cd6 cause the balance to be zeroed out when the value of betsize+casino.bal... | 5.3 - MEDIUM | 2023-09-11 | 2023-09-14 |
| CVE-2022-37450 json | Go Ethereum (aka geth) through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using... | 5.9 - MEDIUM | 2022-08-05 | 2023-11-07 |
| CVE-2022-29177 json | Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if c... | 5.9 - MEDIUM | 2022-05-20 | 2022-06-06 |
| CVE-2022-23328 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-03-04 | 2022-03-17 |
| CVE-2022-23327 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-03-04 | 2022-03-17 |
| CVE-2022-1930 json | An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the eth-account PyPI package, when an attacke... | 7.5 - HIGH | 2022-08-22 | 2023-07-24 |
| CVE-2021-43668 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2021-11-18 | 2021-11-23 |
| CVE-2021-42219 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-03-17 | 2022-03-28 |
| CVE-2021-41173 json | Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is sus... | 5.7 - MEDIUM | 2021-10-26 | 2021-10-28 |
| CVE-2021-39137 json | go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-... | 7.5 - HIGH | 2021-08-24 | 2021-08-31 |
| CVE-2020-26800 json | A stack overflow vulnerability in Aleth Ethereum C++ client version <= 1.8.0 using a specially crafted a config.json file may... | 5.5 - MEDIUM | 2021-01-11 | 2021-01-13 |
| CVE-2020-26265 json | Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before... | 5.3 - MEDIUM | 2020-12-11 | 2020-12-14 |
| CVE-2020-26264 json | Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.25 a denia... | 6.5 - MEDIUM | 2020-12-11 | 2020-12-14 |
| CVE-2020-26242 json | Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.18, there ... | 7.5 - HIGH | 2020-11-25 | 2020-12-03 |
| CVE-2020-26241 json | Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in ... | 7.1 - HIGH | 2020-11-25 | 2020-12-03 |
| CVE-2020-26240 json | Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. An ethash mining DAG generation flaw ... | 7.5 - HIGH | 2020-11-25 | 2020-12-03 |
| CVE-2018-20421 json | Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of service (memory consumption) by rewriting the length of a... | 7.5 - HIGH | 2018-12-24 | 2019-10-03 |
Known software with vulnerabilities from Ethereum
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Ethereum | Aleth | - |
| Application | Ethereum | Ethereum | - |
| Application | Ethereum | Ethereumj | 1.8.2 |
| Application | Ethereum | Ethereum Virtual Machine | - |
| Application | Ethereum | Go Ethereum | 0.2.2 |