CVE-2026-40881— Zebra: addr/addrv2 Deserialization Resource Exhaustion
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-40881
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Zebra: addr/addrv2 Deserialization Resource Exhaustion
Source: NVD (National Vulnerability Database)
Vulnerability Description
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-network version 5.0.1, when deserializing addr or addrv2 messages, which contain vectors of addresses, Zebra would fully deserialize them up to a maximum length (over 233,000) that was derived from the 2 MiB message size limit. This is much larger than the actual limit of 1,000 messages from the specification. Zebra would eventually check that limit but, at that point, the memory for the larger vector was already allocated. An attacker could cause out-of-memory aborts in Zebra by sending multiple such messages over different connections. This vulnerability is fixed in zebrad version 4.3.0 and zebra-network version 5.0.1.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
不加限制或调节的资源分配
Source: NVD (National Vulnerability Database)
Vulnerability Title
zebra 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
zebra是Zcash Foundation开源的一个用Rust编写的Zcash全节点实现。 zebra 4.3.0之前版本和zebra-network 5.0.1之前版本存在安全漏洞,该漏洞源于反序列化addr或addrv2消息时,在检查实际消息数量限制前分配过多内存,可能导致内存耗尽。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| ZcashFoundation | zebrad | < 4.3.1 | - | |
| ZcashFoundation | zebra-network | < 5.0.1 | - |
II. Public POCs for CVE-2026-40881
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-40881
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same vendor: ZcashFoundation
- CVE-2026-44499
ZEBRA: Permanent Block Discovery Halt via Gossip Queue Satur - CVE-2026-44500
ZEBRA: Allocation Amplification in Inbound Network Deseriali - CVE-2026-44498
ZEBRA: Block Validator Undercounts Coinbase and P2SH Sigops - CVE-2026-44497
ZEBRA: Consensus Divergence in Transparent Sighash Hash-Type - CVE-2026-41585
ZEBRA: Denial of Service via Interrupted JSON-RPC Requests f
Same weakness: CWE-770
- CVE-2026-42294
Argo Workflows: Unauthenticated Memory Exhaustion (DoS) in W - CVE-2026-42189
Russh: Pre-auth DoS via unbounded allocation in keyboard-int - CVE-2026-42793
Atom table exhaustion via attacker-controlled GraphQL SDL na - CVE-2026-44499
ZEBRA: Permanent Block Discovery Halt via Gossip Queue Satur - CVE-2026-44500
ZEBRA: Allocation Amplification in Inbound Network Deseriali
V. Comments for CVE-2026-40881
No comments yet