Browse all 9 CVE security advisories affecting stellar. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Stellar is a blockchain-based decentralized protocol facilitating cross-border payments and asset tokenization. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and access control flaws. The protocol has faced notable security incidents, including a 2013 exploit that resulted in 2.25 million XLM theft, and a 2018 vulnerability allowing unauthorized token minting. Despite these issues, Stellar maintains a transparent vulnerability disclosure process and has implemented several security enhancements to address past weaknesses.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-29795 | stellar-xdr: `StringM::from_str` bypasses max length validation — rs-stellar-xdrCWE-770 | 4.0 | Medium | 2026-03-06 |
This page lists every published CVE security advisory associated with stellar. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.