CVE-2026-44714 - Vulnerability Details

- bitcoinj: ScriptExecution P2PKH/P2WPKH Verification Bypass

Description

The bitcoinj library is a Java implementation of the Bitcoin protocol. Prior to 0.17.1, ScriptExecution.correctlySpends() contains two fast-path verification bugs for standard P2PKH and native P2WPKH spends in core/src/main/java/org/bitcoinj/script/ScriptExecution.java. In both branches, bitcoinj verifies an attacker-controlled signature/public-key pair but fails to verify that the public key is the one committed to by the output being spent. As a result, any attacker keypair can satisfy bitcoinj's local verification for arbitrary P2PKH and P2WPKH outputs. This vulnerability is fixed in 0.17.1.

Published: 2026-05-15

Score: 7.5 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability is a fast‑path verification flaw in bitcoinj's ScriptExecution.correctlySpends() for standard P2PKH and native P2WPKH spends. It allows an attacker to supply any signature and public key pair that verifies locally while the public key does not match the one committed to by the output being spent. This bypass permits the creation of transactions that the library accepts as valid but actually transfer funds to an unauthorized key, effectively enabling illicit spending of the output.

Affected Systems

The impacted product is the bitcoinj Java Bitcoin library, any version prior to 0.17.1. Applications that use bitcoinj to verify P2PKH or P2WPKH transactions rely on this flawed logic and are vulnerable. The issue applies to all deployments of the library, whether used in full node clients, wallet implementations, or transaction‑processing services.

Risk and Exploitability

The CVSS score of 7.5 indicates high severity. EPSS is not available, so the current probability of exploitation is undetermined but potentially low, and the vulnerability is not listed in CISA's KEV catalog. The flaw can be exploited by an attacker who can influence the transaction being validated—crafting a transaction that passes bitcoinj’s local verification while the signatures are not bound to the original output. This makes the attack vector primarily application‑level, targeting clients or nodes that use the unpatched library to parse and spend input scripts.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

bitcoinj

affected

Version	Status	Constraints
`< 0.17.1`	affected	—

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade to bitcoinj 0.17.1 or later
Re‑validate existing transaction records against the patched library to detect any forged transactions
If an upgrade cannot be performed immediately, restrict bitcoinj usage to non‑critical or test environments and avoid processing P2PKH or P2WPKH inputs until the fix is applied

Generated by OpenCVE AI on May 15, 2026 at 18:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Github GHSA	GHSA-hfcf-v2f8-x9pc	bitcoinj has a ScriptExecution P2PKH/P2WPKH Verification Bypass

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00028.

Exploitation none

Automatable yes

Technical Impact partial

References

Link	Providers
https://github.com/bitcoinj/bitcoinj/commit/2bc5653c41d260d840692bc554690d4d79208f9c
https://github.com/bitcoinj/bitcoinj/commit/b575a682acf614b9ff95cacbdeb48f86c3ababe0
https://github.com/bitcoinj/bitcoinj/security/advisories/GHSA-hfcf-v2f8-x9pc

History

Sat, 16 May 2026 02:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 15 May 2026 17:15:00 +0000

Type	Values Removed	Values Added
Description		The bitcoinj library is a Java implementation of the Bitcoin protocol. Prior to 0.17.1, ScriptExecution.correctlySpends() contains two fast-path verification bugs for standard P2PKH and native P2WPKH spends in core/src/main/java/org/bitcoinj/script/ScriptExecution.java. In both branches, bitcoinj verifies an attacker-controlled signature/public-key pair but fails to verify that the public key is the one committed to by the output being spent. As a result, any attacker keypair can satisfy bitcoinj's local verification for arbitrary P2PKH and P2WPKH outputs. This vulnerability is fixed in 0.17.1.
Title		bitcoinj: ScriptExecution P2PKH/P2WPKH Verification Bypass
Weaknesses		CWE-347
References		https://github.com/bitcoinj/bitcoinj/commit/2bc5653c41d260d840692bc554690d4d79208f9c https://github.com/bitcoinj/bitcoinj/commit/b575a682acf614b9ff95cacbdeb48f86c3ababe0 https://github.com/bitcoinj/bitcoinj/security/advisories/GHSA-hfcf-v2f8-x9pc
Metrics		cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}`

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2026-05-15T16:51:11.865Z

Updated: 2026-05-16T01:13:51.811Z

Reserved: 2026-05-07T17:07:09.318Z

Link: CVE-2026-44714

Vulnrichment

Updated: 2026-05-16T01:13:46.214Z

NVD

Status : Received

Published: 2026-05-15T17:16:47.933

Modified: 2026-05-15T17:16:47.933

Link: CVE-2026-44714

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-15T18:30:05Z

Weaknesses

CWE-347

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object