{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-40093", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-09T01:41:38.535Z", "datePublished": "2026-04-09T20:29:46.026Z", "dateUpdated": "2026-04-13T15:38:14.634Z"}, "containers": {"cna": {"title": "nimiq-blockchain is missing a wall-clock upper bound on block timestamps", "problemTypes": [{"descriptions": [{"cweId": "CWE-1284", "lang": "en", "description": "CWE-1284: Improper Validation of Specified Quantity in Input", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-49xc-52mp-cc9j", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-49xc-52mp-cc9j"}], "affected": [{"vendor": "nimiq", "product": "core-rs-albatross", "versions": [{"version": "<= 1.3.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-09T20:29:46.026Z"}, "descriptions": [{"lang": "en", "value": "nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp >= parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MIN_PRODUCER_TIMEOUT for skip blocks, but there is no visible upper bound check against the wall clock. A malicious block-producing validator can set block timestamps arbitrarily far in the future. This directly affects reward calculations via Policy::supply_at() and batch_delay() in blockchain/src/reward.rs, inflating the monetary supply beyond the intended emission schedule."}], "source": {"advisory": "GHSA-49xc-52mp-cc9j", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-13T15:05:36.431662Z", "id": "CVE-2026-40093", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-13T15:38:14.634Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-40093", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-13T15:05:36.431662Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-13T15:33:27.383Z"}}], "cna": {"title": "nimiq-blockchain is missing a wall-clock upper bound on block timestamps", "source": {"advisory": "GHSA-49xc-52mp-cc9j", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "nimiq", "product": "core-rs-albatross", "versions": [{"status": "affected", "version": "<= 1.3.0"}]}], "references": [{"url": "https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-49xc-52mp-cc9j", "name": "https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-49xc-52mp-cc9j", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp >= parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MIN_PRODUCER_TIMEOUT for skip blocks, but there is no visible upper bound check against the wall clock. A malicious block-producing validator can set block timestamps arbitrarily far in the future. This directly affects reward calculations via Policy::supply_at() and batch_delay() in blockchain/src/reward.rs, inflating the monetary supply beyond the intended emission schedule."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1284", "description": "CWE-1284: Improper Validation of Specified Quantity in Input"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-09T20:29:46.026Z"}}}, "cveMetadata": {"cveId": "CVE-2026-40093", "state": "PUBLISHED", "dateUpdated": "2026-04-13T15:38:14.634Z", "dateReserved": "2026-04-09T01:41:38.535Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-09T20:29:46.026Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nimiq:nimiq_proof-of-stake:*:*:*:*:*:rust:*:*", "matchCriteriaId": "CD0CAAD1-7626-4A4A-A6F8-9DC46FE50731", "versionEndExcluding": "1.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp >= parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MIN_PRODUCER_TIMEOUT for skip blocks, but there is no visible upper bound check against the wall clock. A malicious block-producing validator can set block timestamps arbitrarily far in the future. This directly affects reward calculations via Policy::supply_at() and batch_delay() in blockchain/src/reward.rs, inflating the monetary supply beyond the intended emission schedule."}], "id": "CVE-2026-40093", "lastModified": "2026-04-24T17:11:14.347", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-09T21:16:11.937", "references": [{"source": "security-advisories@github.com", "tags": ["Broken Link"], "url": "https://github.com/nimiq/core-rs-albatross/security/advisories/GHSA-49xc-52mp-cc9j"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1284"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.3.0]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "core-rs-albatross", "source": "cna", "vendor": "nimiq"}, "product": "core-rs-albatross", "vendor": "nimiq"}], "analysis": {"en": {"generated_at": "2026-04-09T23:53:44.036615+00:00", "value": {"mitigation_remediation": ["Upgrade Nimiq to a version that imposes an upper bound on block timestamps.", "Verify that the updated version is running after the upgrade.", "Initially monitor the blockchain for blocks with unusually distant future timestamps and flag or reject them until the upgrade is complete."], "summary": {"action": "Patch Immediately", "impact": "Monetary supply inflation via manipulated block timestamps"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Nimiq\u2019s Rust\u2011based blockchain implementation, specifically core\u2011rs\u2011albatross versions 1.3.0 and earlier. Newer releases that include a wall\u2011clock limit are not impacted.", "description_and_impact": "A missing upper bound on block timestamps allows a validator to set timestamps far into the future, which directly inflates the calculated monetary supply by skewing reward calculations. The flaw involves unchecked input handling and is identified as CWE\u20111284.", "risk_and_exploitability": "With a CVSS score of 8.1 the severity is high; the Exploit Probability Score is not available. It is not listed in the CISA Known Exploited Vulnerabilities catalog. A validator that is permitted to produce blocks can create blocks with arbitrarily future timestamps, causing the network to mis\u2011calculate rewards and inflate supply. The attack path requires only the ability to craft blocks on the network and has no additional prerequisites."}}}}, "created": "2026-04-10T08:38:35.825632+00:00", "updated": "2026-04-10T09:29:19.162001+00:00", "vendors": ["nimiq", "nimiq$PRODUCT$core-rs-albatross"]}