Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-40880

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and zebra-consensus version 5.0.2, a logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By carefully submitting a transaction that is valid for height H+1 but invalid for H+2 and then mining that transaction in a block at height H+2, a miner could cause vulnerable Zebra nodes to accept an invalid block, leading to a consensus split from the rest of the Zcash network. This vulnerability is fixed in zebrad version 4.3.1 and zebra-consensus version 5.0.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.4%
CVSS Severity
CVSS v3 Score 8.1
Products affected by CVE-2026-40880
  • Zfnd » Zebra-Consensus » Version: Any
    cpe:2.3:a:zfnd:zebra-consensus:*
  • Zfnd » Zebrad » Version: 1.0.0
    cpe:2.3:a:zfnd:zebrad:1.0.0
  • Zfnd » Zebrad » Version: 1.0.1
    cpe:2.3:a:zfnd:zebrad:1.0.1
  • Zfnd » Zebrad » Version: 1.1.0
    cpe:2.3:a:zfnd:zebrad:1.1.0
  • Zfnd » Zebrad » Version: 1.2.0
    cpe:2.3:a:zfnd:zebrad:1.2.0
  • Zfnd » Zebrad » Version: 1.3.0
    cpe:2.3:a:zfnd:zebrad:1.3.0
  • Zfnd » Zebrad » Version: 1.4.0
    cpe:2.3:a:zfnd:zebrad:1.4.0
  • Zfnd » Zebrad » Version: 1.5.0
    cpe:2.3:a:zfnd:zebrad:1.5.0
  • Zfnd » Zebrad » Version: 1.5.2
    cpe:2.3:a:zfnd:zebrad:1.5.2
  • Zfnd » Zebrad » Version: 1.6.0
    cpe:2.3:a:zfnd:zebrad:1.6.0
  • Zfnd » Zebrad » Version: 1.6.1
    cpe:2.3:a:zfnd:zebrad:1.6.1
  • Zfnd » Zebrad » Version: 1.7.0
    cpe:2.3:a:zfnd:zebrad:1.7.0
  • Zfnd » Zebrad » Version: 1.8.0
    cpe:2.3:a:zfnd:zebrad:1.8.0
  • Zfnd » Zebrad » Version: 1.9.0
    cpe:2.3:a:zfnd:zebrad:1.9.0
  • Zfnd » Zebrad » Version: 2.0.1
    cpe:2.3:a:zfnd:zebrad:2.0.1
  • Zfnd » Zebrad » Version: 2.1.0
    cpe:2.3:a:zfnd:zebrad:2.1.0
  • Zfnd » Zebrad » Version: 2.2.0
    cpe:2.3:a:zfnd:zebrad:2.2.0
  • Zfnd » Zebrad » Version: 2.3.0
    cpe:2.3:a:zfnd:zebrad:2.3.0
  • Zfnd » Zebrad » Version: 2.4.0
    cpe:2.3:a:zfnd:zebrad:2.4.0
  • Zfnd » Zebrad » Version: 2.4.1
    cpe:2.3:a:zfnd:zebrad:2.4.1
  • Zfnd » Zebrad » Version: 2.4.2
    cpe:2.3:a:zfnd:zebrad:2.4.2
  • Zfnd » Zebrad » Version: 2.5.0
    cpe:2.3:a:zfnd:zebrad:2.5.0
  • Zfnd » Zebrad » Version: 3.0.0
    cpe:2.3:a:zfnd:zebrad:3.0.0
  • Zfnd » Zebrad » Version: 3.1.0
    cpe:2.3:a:zfnd:zebrad:3.1.0
  • Zfnd » Zebrad » Version: 4.0.0
    cpe:2.3:a:zfnd:zebrad:4.0.0
  • Zfnd » Zebrad » Version: 4.1.0
    cpe:2.3:a:zfnd:zebrad:4.1.0
  • Zfnd » Zebrad » Version: 4.2.0
    cpe:2.3:a:zfnd:zebrad:4.2.0
  • Zfnd » Zebrad » Version: 4.3.0
    cpe:2.3:a:zfnd:zebrad:4.3.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved