Ethereum Go_ethereum
24 CVEs affecting Ethereum Go_ethereum. Latest disclosed: 2026-02-19. Critical: 0, High: 14.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-26315 | High | 7.5 | 2026-02-19 | go-ethereum (Geth) is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, through a flaw in the ECIES cryptography imple… |
CVE-2026-26314 | High | 7.5 | 2026-02-19 | go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, a vulnerable node can be forced to shutdown/cr… |
CVE-2026-26313 | High | 7.5 | 2026-02-19 | go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.17.0, an attacker can cause high memory usage by sen… |
CVE-2026-22868 | High | 7.5 | 2026-01-13 | go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially cra… |
CVE-2026-22862 | High | 7.5 | 2026-01-13 | go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node can be forced to shutdown/crash using a specially cra… |
CVE-2023-42319 | High | 7.5 | 2023-10-18 | Geth (aka go-ethereum) through 1.13.4, when --http --graphql is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang)… |
CVE-2023-40591 | High | 7.5 | 2023-09-06 | go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. A vulnerable node, can be made to consume unbounded amounts of memory w… |
CVE-2021-42219 | High | 7.5 | 2022-03-17 | Go-Ethereum v1.10.9 was discovered to contain an issue which allows attackers to cause a denial of service (DoS) via sending an excessive amount of messages to… |
CVE-2022-23328 | High | 7.5 | 2022-03-04 | A design flaw in all versions of Go-Ethereum allows an attacker node to send 5120 pending transactions of a high gas price from one account that all fully spen… |
CVE-2022-23327 | High | 7.5 | 2022-03-04 | A design flaw in Go-Ethereum 1.10.12 and older versions allows an attacker node to send 5120 future transactions with a high gas price in one message, which ca… |
CVE-2018-20421 | High | 7.5 | 2018-12-24 | Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of service (memory consumption) by rewriting the length of a dynamic array in memory, and then… |
CVE-2018-19184 | High | 7.5 | 2018-11-12 | cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to cause a denial of service (SEGV) via crafted bytecode. |
CVE-2018-16733 | High | 7.5 | 2018-09-08 | In Go Ethereum (aka geth) before 1.8.14, TraceChain in eth/api_tracer.go does not verify that the end block is after the start block. |
CVE-2018-12018 | High | 7.5 | 2018-07-05 | The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer… |
CVE-2021-39137 | Medium | 6.5 | 2021-08-24 | go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-ethereum (Geth) could cause a chai… |
CVE-2020-26264 | Medium | 6.5 | 2020-12-11 | Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.25 a denial-of-service vulnerability can mak… |
CVE-2020-26242 | Medium | 6.5 | 2020-11-25 | Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.18, there is a Denial-of-service (crash) dur… |
CVE-2020-26241 | Medium | 6.5 | 2020-11-25 | Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which c… |
CVE-2022-37450 | Medium | 5.9 | 2022-08-05 | Go Ethereum (aka geth) through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference… |
CVE-2022-29177 | Medium | 5.9 | 2022-05-20 | Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity lo… |