Browse all 3 CVE security advisories affecting filecoin-project. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Filecoin is a decentralized storage network designed to store humanity's most important information securely. Historically, the project has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation issues. Security characteristics emphasize its decentralized nature, reducing single points of failure. While no major public security incidents have been widely reported, the three CVEs on record highlight potential attack surfaces in its distributed storage protocols. The project's open-source architecture allows for community-driven security audits, though the complexity of its blockchain integration continues to present challenges for vulnerability management.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-59942 | go-f3 module vulnerable to integer overflow leading to panic — go-f3CWE-190 | 7.5 | High | 2025-09-29 |
| CVE-2025-59941 | go-f3 is Vulnerable to Cached Justification Verification Bypass — go-f3CWE-305 | 5.9 | Medium | 2025-09-29 |
| CVE-2021-21405 | BLS Signature "Malleability" — lotusCWE-347 | 5.9 | Medium | 2021-04-15 |
This page lists every published CVE security advisory associated with filecoin-project. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.