What is CVE-2025-47270?

CVE-2025-47270 is a high-severity vulnerability in Nimiq Core-rs-albatross, classified under Uncontrolled Resource Consumption. CVSS score: 7.5/10. Published 2025-05-12.

How severe is CVE-2025-47270?

High severity. CVSS v3 base score is 7.5 out of 10.

Resource exhaustion in Nimiq Core-rs-albatross

CVE-2025-47270

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. The `nimiq-network-libp2p` subcrate of nimiq/core-rs-albatross is vulnerable to a Denial of Service (DoS) att…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.011 (78.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Nimiq Core-rs-albatross — versions < 1.1.0

Weakness classification (CWE)

CWE-400 — Uncontrolled Resource Consumption

References

https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-3v6r-9cr8-q433 (x_refsource_CONFIRM)
https://github.com/nimiq/core-rs-albatross/pull/3384 (x_refsource_MISC)
https://github.com/nimiq/core-rs-albatross/commit/566935f0dd0fb41bba1f406d8e3a02dc499520b5 (x_refsource_MISC)
https://github.com/nimiq/core-rs-albatross/releases/tag/v1.1.0 (x_refsource_MISC)

Frequently asked questions

What is CVE-2025-47270?: CVE-2025-47270 is a high-severity vulnerability in Nimiq Core-rs-albatross, classified under Uncontrolled Resource Consumption. CVSS score: 7.5/10. Published 2025-05-12.
How severe is CVE-2025-47270?: High severity. CVSS v3 base score is 7.5 out of 10.