Vulnerabilities > Bitcoin > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-09 CVE-2023-50428 In Bitcoin Core through 26.0 and Bitcoin Knots before 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023.
network
low complexity
bitcoin bitcoinknots
5.3
2021-05-13 CVE-2021-31876 Incorrect Authorization vulnerability in Bitcoin
Bitcoin Core 0.12.0 through 0.21.1 does not properly implement the replacement policy specified in BIP125, which makes it easier for attackers to trigger a loss of funds, or a denial of service attack against downstream projects such as Lightning network nodes.
network
low complexity
bitcoin CWE-863
6.5
2020-03-12 CVE-2018-20586 Improper Encoding or Escaping of Output vulnerability in Bitcoin Core
bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call.
network
low complexity
bitcoin CWE-116
5.3
2020-03-12 CVE-2017-18350 Classic Buffer Overflow vulnerability in Bitcoin Core
bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used.
network
high complexity
bitcoin CWE-120
5.9
2019-02-11 CVE-2018-20587 Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0 through 0.17.x before 0.17.1.knots20181229 have Incorrect Access Control.
local
low complexity
bitcoinknots bitcoin
5.5