Product
medium
advisory
Zebra Block Suppression Vulnerability (CVE-2026-52736) via P2P Body Poisoning
2 TTPsA remote unauthenticated attacker can exploit CVE-2026-52736 in Zebra's `zebrad` node (versions up to and including `v4.4.1`) to permanently stall a targeted blockchain node by poisoning its sent-hash cache, leading to a denial of service.
zebrad <= 4.4.1 +1
blockchain
denial-of-service
network
vulnerability
2t
medium
advisory
Zebra Node Denial-of-Service via IPv4-Mapped Mempool Misbehavior Panic (CVE-2026-52829)
1 TTPA remote unauthenticated peer can exploit an address normalization mismatch in Zebra's address book when connecting via IPv4 to a dual-stack IPv6 listener on a Linux host, by then advertising an invalid mempool transaction, which triggers a deterministic assertion panic after a 30-second delay, causing the `zebrad` process to terminate, leading to persistent denial of service.
zebrad <= 4.4.1 +1
denial-of-service
vulnerability
linux
rust
1t