Skip to content

DoS via malicious p2p message

Moderate
fjl published GHSA-689v-6xwf-5jf3 Feb 17, 2026

Package

gomod github.com/ethereum/go-ethereum (Go)

Affected versions

< 1.17.0

Patched versions

>= 1.17.0

Description

Impact

An attacker can cause high memory usage by sending a specially-crafted p2p message.
More details to be released later.

Patches

The issue is resolved in the v1.17.0 release.

Credit

This issue was reported to the Ethereum Foundation Bug Bounty Program by @revofusion

Severity

Moderate

CVE ID

CVE-2026-26313

Weaknesses

No CWEs

Credits