Vulnerability in Ethereum Go-ethereum

CVE-2025-24883

go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially crafted message. This vulnerability is fixed in 1.14.13.

EPSS: 0.007 (47.8th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2025-24883?
CVE-2025-24883 is a vulnerability in Ethereum Go-ethereum, classified under CWE-248. Published 2025-01-30.
Is CVE-2025-24883 known to be exploited?
2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.