Description

nimiq-block contains block primitives to be used in Nimiq's Rust implementation. `SkipBlockProof::verify` computes its quorum check using `BitSet.len()`, then iterates `BitSet` indices and casts each `usize` index to `u16` (`slot as u16`) for slot lookup. Prior to version 1.3.0, if an attacker can get a `SkipBlockProof` verified where `MultiSignature.signers` contains out-of-range indices spaced by 65536, these indices inflate `len()` but collide onto the same in-range `u16` slot during aggregation. This makes it possible for a malicious validator with far fewer than `2f+1` real signer slots to pass skip block proof verification by multiplying a single BLS signature by the same factor. The patch for this vulnerability is included as part of v1.3.0. No known workarounds are available.

INFO

Published Date :

2026-04-22T19:13:04.687Z

Last Modified :

2026-04-23T14:15:20.570Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-33471 vulnerability.

Vendors Products
Nimiq
  • Nimiq-block
  • Nimiq Proof-of-stake
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-33471.

URL Resource
https://github.com/nimiq/core-rs-albatross/commit/d02059053181ed8ddad6b59a0adfd661ef5cd823 cve-icon cve-icon
https://github.com/nimiq/core-rs-albatross/releases/tag/v1.3.0 cve-icon cve-icon
https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-6973-8887-87ff cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact