CVE-2026-54496
CRITICAL
9.3
CVSS 3.1
Description
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad 5.0.0, halo2_gadgets 0.5.0, orchard 0.14.0, zcash_primitives 0.28.0, and zcashd 6.20.0, the variable-base scalar multiplication gadget in halo2_gadgets/src/ecc/chip/mul/incomplete.rs used assign_advice() for the base point without a copy constraint tying it to the actual base, allowing a malicious prover to produce a valid proof for an Orchard Action with an under-constrained base point and bypass the diversified-address-integrity check that binds pk_d, g_d, ivk, the nullifier (nf), and the spend validating key (ak) to the note being spent. This issue is fixed in zebrad 5.0.0, halo2_gadgets 0.5.0, orchard 0.14.0, zcash_primitives 0.28.0, and zcashd 6.20.0.
Metadata
Severity & Metrics
9.3
CRITICAL CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L
SSVC — CISA Coordinator
Affected products (5)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| zcash | halo2_gadgets | — | < 0.5.0 |
| zcash | librustzcash | — | < 0.28.0 |
| zcash | orchard | — | < 0.14.0 |
| zcash | zcash | — | < 6.20.0 |
| ZcashFoundation | zebra | — | < 5.0.0 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-345 | cna | CWE-345: Insufficient Verification of Data Authenticity |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 9.3 | CRITICAL | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L |
References (7)
- https://github.com/ZcashFoundation/zebra/security/advisories/GHSA-ww9q-8r59-xv46 https://github.com/ZcashFoundation/zebra/security/advisories/GHSA-ww9q-8r59-xv46
- https://github.com/ZcashFoundation/zebra/releases/tag/v5.0.0 https://github.com/ZcashFoundation/zebra/releases/tag/v5.0.0
- https://github.com/zcash/halo2/releases/tag/halo2_gadgets-0.5.0 https://github.com/zcash/halo2/releases/tag/halo2_gadgets-0.5.0
- https://github.com/zcash/librustzcash/releases/tag/zcash_primitives-0.28.0 https://github.com/zcash/librustzcash/releases/tag/zcash_primitives-0.28.0
- https://github.com/zcash/orchard/releases/tag/0.14.0 https://github.com/zcash/orchard/releases/tag/0.14.0
- https://github.com/zcash/zcash/releases/tag/v6.20.0 https://github.com/zcash/zcash/releases/tag/v6.20.0
- https://zfnd.org/zebra-4-5-3-and-5-0-0-emergency-soft-fork-and-nu6-2-activation https://zfnd.org/zebra-4-5-3-and-5-0-0-emergency-soft-fork-and-nu6-2-activation