CVE-2026-41585

ZEBRA is a Zcash node written entirely in Rust. From zebrad versions 2.2.0 to before 4.3.1 and from zebra-rpc versions 1.0.0-beta.45 to before 6.0.2, a vulnerability in Zebra's JSON-RPC HTTP middleware allows an authenticated RPC client to cause a Zebra node to crash by disconnecting before the request body is fully received. The node treats the failure to read the HTTP request body as an unrecoverable error and aborts the process instead of returning an error response. This issue has been patched in zebrad version 4.3.1 and zebra-rpc version 6.0.2.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/ZcashFoundation/zebra/security/advisories/GHSA-29x4-r6jv-ff4w	Vendor Advisory Mitigation

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:zfnd:zebra-rpc::::::rust::*
	cpe:2.3:a:zfnd:zebra-rpc:1.0.0:-::::rust::*
	cpe:2.3:a:zfnd:zebra-rpc:1.0.0:beta45::::rust::*
	cpe:2.3:a:zfnd:zebra-rpc:1.0.0:beta46::::rust::*
	cpe:2.3:a:zfnd:zebrad::::::rust::*

History

08 May 2026, 18:19

Type	Values Removed	Values Added
References	~~() https://github.com/ZcashFoundation/zebra/security/advisories/GHSA-29x4-r6jv-ff4w -~~	() https://github.com/ZcashFoundation/zebra/security/advisories/GHSA-29x4-r6jv-ff4w - Vendor Advisory, Mitigation
First Time		Zfnd zebrad Zfnd Zfnd zebra-rpc
CPE		cpe:2.3:a:zfnd:zebrad::::::rust::* cpe:2.3:a:zfnd:zebra-rpc::::::rust::* cpe:2.3:a:zfnd:zebra-rpc:1.0.0:beta45::::rust::* cpe:2.3:a:zfnd:zebra-rpc:1.0.0:beta46::::rust::* cpe:2.3:a:zfnd:zebra-rpc:1.0.0:-::::rust::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5

08 May 2026, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-05-08 15:16

Updated : 2026-05-08 18:19

NVD link : CVE-2026-41585

Mitre link : CVE-2026-41585

CVE.ORG link : CVE-2026-41585

JSON object : View

Products Affected

zfnd

zebrad
zebra-rpc

CWE

CWE-248

Uncaught Exception

CWE-617

Reachable Assertion

{"id": "CVE-2026-41585", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-05-08T15:16:41.400", "references": [{"url": "https://github.com/ZcashFoundation/zebra/security/advisories/GHSA-29x4-r6jv-ff4w", "tags": ["Vendor Advisory", "Mitigation"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-248"}, {"lang": "en", "value": "CWE-617"}]}], "descriptions": [{"lang": "en", "value": "ZEBRA is a Zcash node written entirely in Rust. From zebrad versions 2.2.0 to before 4.3.1 and from zebra-rpc versions 1.0.0-beta.45 to before 6.0.2, a vulnerability in Zebra's JSON-RPC HTTP middleware allows an authenticated RPC client to cause a Zebra node to crash by disconnecting before the request body is fully received. The node treats the failure to read the HTTP request body as an unrecoverable error and aborts the process instead of returning an error response. This issue has been patched in zebrad version 4.3.1 and zebra-rpc version 6.0.2."}], "lastModified": "2026-05-08T18:19:56.697", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zfnd:zebra-rpc:*:*:*:*:*:rust:*:*", "vulnerable": true, "matchCriteriaId": "FBE8A429-C046-4D22-BBD3-0BC4CB5B08F8", "versionEndExcluding": "6.0.2", "versionStartIncluding": "2.0.0"}, {"criteria": "cpe:2.3:a:zfnd:zebra-rpc:1.0.0:-:*:*:*:rust:*:*", "vulnerable": true, "matchCriteriaId": "B3450E7E-A67B-409B-ACDA-AA7CE6B95E30"}, {"criteria": "cpe:2.3:a:zfnd:zebra-rpc:1.0.0:beta45:*:*:*:rust:*:*", "vulnerable": true, "matchCriteriaId": "62776E2E-81A5-4269-A19D-4983D2336425"}, {"criteria": "cpe:2.3:a:zfnd:zebra-rpc:1.0.0:beta46:*:*:*:rust:*:*", "vulnerable": true, "matchCriteriaId": "6D766D1A-302B-4F72-A7A7-170E766D6241"}, {"criteria": "cpe:2.3:a:zfnd:zebrad:*:*:*:*:*:rust:*:*", "vulnerable": true, "matchCriteriaId": "FDF085CF-E73B-4993-A287-FBE9D92385D9", "versionEndExcluding": "4.3.1", "versionStartIncluding": "2.2.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}