Description
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, when LightBlockchain::rebranch() adopts a fork chain whose tip is a macro block (checkpoint or election), it only updates self.head but fails to update self.macro_head, self.election_head, self.current_validators, or store the election header in the chain_store. This is in direct contrast with the full Blockchain::rebranch() at blockchain/src/blockchain/push.rs:504-518, which correctly updates all macro/election state when the new head is a macro block. After a rebranch to a macro block, the stale macro_head causes subsequent macro blocks pushed via push() to be verified against the wrong predecessor via verify_macro_successor(&this.macro_head). If the rebranch target was an election block, the stale current_validators causes every subsequent block to fail verify_validators(), completely stalling the light client's chain progression. This issue has been patched in version 1.4.0.
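The rebranch defect described above, modelled in an added Rust example that is not core-rs-albatross code: a toy light-client state with the pre-1.4.0 rebranch (only `head` moves) beside the corrected one, and a `push()` that mirrors the `verify_validators()` and `verify_macro_successor(&macro_head)` checks the description names. Every name and value here (Block, BlockKind, LightState, rebranch_buggy, rebranch_fixed, run, the numeric ids and validator sets) is hypothetical; the real crate's types, hashes and verification logic differ.

```rust
// Added example, not code from core-rs-albatross: a toy model of the light-client
// head state showing why a rebranch onto a macro block must update more than `head`.
// Block, BlockKind, LightState, rebranch_buggy, rebranch_fixed and run are hypothetical.
#[derive(Clone, Debug, PartialEq)]
pub enum BlockKind {
    Micro,
    Checkpoint,
    Election(Vec<u32>), // election macro block carrying the next validator set
}

#[derive(Clone, Debug, PartialEq)]
pub struct Block {
    pub id: u64,              // constructed stand-in for the block hash
    pub height: u32,
    pub parent_macro: u64,    // id of the macro block this block builds on
    pub validators: Vec<u32>, // validator set the block claims to be produced under
    pub kind: BlockKind,
}

#[derive(Clone, Debug, PartialEq)]
pub struct LightState {
    pub head: Block,
    pub macro_head: Block,
    pub election_head: Block,
    pub current_validators: Vec<u32>,
}

impl LightState {
    pub fn from_genesis(genesis: Block) -> Self {
        let current_validators = match &genesis.kind {
            BlockKind::Election(v) => v.clone(),
            _ => Vec::new(),
        };
        LightState { head: genesis.clone(), macro_head: genesis.clone(), election_head: genesis, current_validators }
    }
    /// Pre-1.4.0 behaviour as the advisory describes it: only `head` moves.
    pub fn rebranch_buggy(&mut self, fork_tip: Block) {
        self.head = fork_tip;
    }
    /// Corrected behaviour: macro and election state follow the new head,
    /// as the advisory says the full Blockchain::rebranch() already does.
    pub fn rebranch_fixed(&mut self, fork_tip: Block) {
        self.apply_head(fork_tip);
    }
    fn apply_head(&mut self, block: Block) {
        if let BlockKind::Election(v) = &block.kind {
            self.election_head = block.clone();
            self.current_validators = v.clone();
        }
        if block.kind != BlockKind::Micro {
            self.macro_head = block.clone();
        }
        self.head = block;
    }
    // Analogue of verify_validators(): the block must come from the set the client holds as active.
    fn verify_validators(&self, block: &Block) -> Result<(), String> {
        if block.validators != self.current_validators {
            return Err(format!("block {}: validators {:?} != current {:?}", block.id, block.validators, self.current_validators));
        }
        Ok(())
    }
    // Analogue of verify_macro_successor(&macro_head): a macro block must extend the stored macro_head.
    fn verify_macro_successor(&self, block: &Block) -> Result<(), String> {
        if block.parent_macro != self.macro_head.id || block.height <= self.macro_head.height {
            return Err(format!("macro block {} does not extend macro_head {}", block.id, self.macro_head.id));
        }
        Ok(())
    }
    /// Analogue of push(): verify against the stored state, then adopt the block.
    pub fn push(&mut self, block: Block) -> Result<(), String> {
        self.verify_validators(&block)?;
        if block.kind != BlockKind::Micro {
            self.verify_macro_successor(&block)?;
        }
        self.apply_head(block);
        Ok(())
    }
}

fn block(id: u64, height: u32, parent_macro: u64, validators: &[u32], kind: BlockKind) -> Block {
    Block { id, height, parent_macro, validators: validators.to_vec(), kind }
}

/// Constructed scenario: the client sits on a checkpoint at height 10, rebranches onto a
/// competing election block at height 10 that elects a new validator set, then receives
/// the next macro block built on that fork. Returns the push result and the final state.
pub fn run(rebranch: fn(&mut LightState, Block)) -> (Result<(), String>, LightState) {
    let genesis = block(0, 0, 0, &[], BlockKind::Election(vec![1, 2, 3]));
    let main_checkpoint = block(10, 10, 0, &[1, 2, 3], BlockKind::Checkpoint);
    let fork_election = block(11, 10, 0, &[1, 2, 3], BlockKind::Election(vec![4, 5, 6]));
    let next_macro = block(20, 20, 11, &[4, 5, 6], BlockKind::Checkpoint);

    let mut state = LightState::from_genesis(genesis);
    state.push(main_checkpoint).expect("checkpoint on the main chain is valid");
    rebranch(&mut state, fork_election);
    let result = state.push(next_macro);
    (result, state)
}
```

With `run(LightState::rebranch_buggy)` the state keeps the old checkpoint as macro_head and the old validator set, so the next macro block on the adopted fork is rejected and the client makes no further progress; with `run(LightState::rebranch_fixed)` the same block is accepted and macro_head advances. Comparing macro_head against the last accepted macro block after a rebranch, as the returned state allows here, is the kind of consistency check worth surfacing in node monitoring.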
Published: 2026-06-09
Score: 6.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the LightBlockchain::rebranch() method omits updates to critical state when a fork chain's tip is a macro block. As a result, the node retains an outdated macro head, election head, and validator set. When subsequent blocks are pushed, the node verifies them against the stale predecessor and validator set, so verification fails consistently. This stalls the light client's processing of new blocks and effectively prevents it from synchronizing with the network, a denial-of-service condition.

Affected Systems

The vulnerability affects the Nimiq core-rs-albatross implementation. Clients running any version prior to 1.4.0 are at risk, as the issue was resolved in the 1.4.0 release.

Risk and Exploitability

The CVSS score of 6.5 indicates moderate severity. EPSS data is not available and the vulnerability is not listed in CISA's KEV catalog, suggesting no known widespread exploitation yet. The attack likely involves an adversary providing a fork chain whose tip is a macro block, which the light client then rebranches onto. While the exact method of inducing a rebranch is not disclosed, the description implies that a malicious node could attempt to propagate such a chain. The consequence would be service disruption until the client is patched or restarted.

Generated by OpenCVE AI on June 10, 2026 at 02:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Nimiq core-rs-albatross version 1.4.0 or later to apply the fix for the rebranch bug.
  • After upgrading, restart the light client to force a full re-sync and ensure that the macro block state is rebuilt correctly.
  • Continuously monitor node logs for errors related to macro block verification and verify that the current macro_head matches the latest valid macro block after any rebranch events.



Advisories

No advisories yet.

History

Wed, 10 Jun 2026 02:30:00 +0000

Type: First Time appeared
Values Added: Nimiq; Nimiq core-rs-albatross

Type: Vendors & Products
Values Added: Nimiq; Nimiq core-rs-albatross

Wed, 10 Jun 2026 00:00:00 +0000

Type: Description
Values Added: the CVE description shown at the top of this record

Type: Title
Values Added: Nimiq light-blockchain: Light blockchain rebranch issue

Type: Weaknesses
Values Added: CWE-841

Type: References

Type: Metrics
Values Added: cvssV3_1, score 6.5, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L


Subscriptions

Nimiq Core-rs-albatross
MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-09T23:45:01.847Z

Reserved: 2026-05-14T20:42:31.368Z

Link: CVE-2026-46540

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-10T00:16:54.230

Modified: 2026-06-10T00:16:54.230

Link: CVE-2026-46540

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-10T02:15:19Z

Weaknesses