Vulnerability in Ethereum Go-ethereum
CVE-2025-24883
go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.14.13.
EPSS: 0.007 (47.8th percentile) — read the EPSS interpretation.
Affected products
- Ethereum Go-ethereum — versions >= 1.14.0, < 1.14.13
Weakness classification (CWE)
Public proof-of-concept exploits
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)
Frequently asked questions
- What is CVE-2025-24883?
- CVE-2025-24883 is a vulnerability in Ethereum Go-ethereum, classified under CWE-248. Published 2025-01-30.
- Is CVE-2025-24883 known to be exploited?
- 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.