CVE
CVE-2026-22862
go-ethereum is vulnerable to DoS via malicious p2p message affecting a vulnerable node
Impact
A vulnerable node can be forced to shutdown/crash using a specially crafted message.
More details to be released later.
Credit
This issue was reported to the Ethereum Foundation Bug Bounty Program by DELENE TCHIO ROMUALD.
Package Versions Affected
Package Version
patch Availability
No items found.
Automatically patch vulnerabilities without upgrading
Fix Without Upgrading
Detect compatible fix
Apply safe remediation
Fix with a single pull request
CVSS Version
Severity
Base Score
CVSS Version
Score Vector
C
H
U
7.1
-
4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
C
H
U
0
-
C
H
U
6.5
-
3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Related Resources
No items found.
References
https://github.com/ethereum/go-ethereum/security/advisories/GHSA-mr7q-c9w9-wh4h, https://nvd.nist.gov/vuln/detail/CVE-2026-22862, https://github.com/ethereum/go-ethereum/commit/abeb78c647e354ed922726a1d719ac7bc64a07e2, https://github.com/ethereum/go-ethereum
Basic Information
Ecosystem
