CVE-2025-46598

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-46598 describes a CPU Denial-of-Service (DoS) vulnerability affecting Bitcoin Core, stemming from the processing of unconfirmed transactions. An attacker could exploit this by sending specially crafted, non-standard unconfirmed transactions. While these transactions would ultimately be rejected by a victim node, each validation attempt would consume several seconds of CPU time without causing a disconnection, allowing the attacker to repeatedly send such transactions. This continuous processing of resource-intensive, unconfirmed transactions could be leveraged to delay block propagation within the Bitcoin network. Mitigations were implemented to reduce the validation time in various Script contexts, and a fix for this issue was released on October 10, 2025, in Bitcoin Core version 30.0.

Description: -

Hype score: Not currently trending

Found an interesting PR where @LukeDashjr is updating Bitcoin Core v29 to fix a known vulnerability (CVE-2025-46598). Why update (backport) an old version? Because v30 included #32406 "policy: uncap datacarrier by default" - removing the 80-byte OP_RETURN limit. Some node
@bensig
6 Jan 2026
4998 Impressions
6 Retweets
97 Likes
8 Bookmarks
3 Replies
1 Quote

References

Sources include official advisories and independent security research.

https://www.cve.org/CVERecord?id=CVE-2025-46598

Overview

AI description

Social media

References