Skip to content

DoS via malicious p2p message

High
fjl published GHSA-mr7q-c9w9-wh4h Jan 13, 2026

Package

gomod github.com/ethereum/go-ethereum (Go)

Affected versions

<= 1.16.7

Patched versions

>= 1.16.8

Description

Impact

A vulnerable node can be forced to shutdown/crash using a specially crafted message.
More details to be released later.

Credit

This issue was reported to the Ethereum Foundation Bug Bounty Program by DELENE TCHIO ROMUALD.

Severity

High

CVE ID

CVE-2026-22862

Weaknesses

No CWEs