Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

cometbft — Vulnerabilities & Security Advisories 3

Browse all 3 CVE security advisories affecting cometbft. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CometBFT 是一个开源的拜占庭容错共识引擎,主要用于构建高可用、可扩展的区块链系统。历史上,该项目的漏洞主要集中在拒绝服务攻击和内存安全问题,如整数溢出和缓冲区溢出。尽管已记录 3 条 CVE,其安全机制通过严格的测试和社区审查持续改进。2022 年曾发现一处可能导致状态不一致的漏洞,但及时修复未造成重大影响。项目采用模块化设计,便于安全审计和漏洞修复。

Found 3 results / 3Clear Filters
Top products by cometbft: cometbft
CVE IDTitleCVSSSeverityPublished
CVE-2025-24371 Malicious peer can make node stuck in blocksync in github.com/cometbft/cometbft — cometbftCWE-703 5.3 -2025-02-03
CVE-2023-34450 CometBFT PeerState JSON serialization deadlock — cometbftCWE-401 3.7 Low2023-07-03
CVE-2023-34451 CometBFT may duplicate transactions in the mempool's data structures — cometbftCWE-401 8.2 High2023-07-03

This page lists every published CVE security advisory associated with cometbft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.