HIGHVulnerability
Verified
Global

NVD HIGH: CVE-2026-34377 — ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 an...

Tuesday, March 31, 2026 at 03:16 PM UTC·Source: NIST NVD

Updated: Monday, April 6, 2026 at 04:58 PM UTC

Executive Summary

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-consensus version 5.0.1, a logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By matching a valid transaction's txid while providing invalid authorization data, a miner could cause vulnerable Zebra nodes to accept an invalid block, leading to a conse

Analysis

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-consensus version 5.0.1, a logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By matching a valid transaction's txid while providing invalid authorization data, a miner could cause vulnerable Zebra nodes to accept an invalid block, leading to a consensus split from the rest of the Zcash network. This would not allow invalid transactions to be accepted but could result in a consensus split between vulnerable Zebra nodes and invulnerable Zebra and Zcashd nodes. This issue has been patched in zebrad version 4.3.0 and zebra-consensus version 5.0.1. CVSS Score: 8.1. Published: 2026-03-31T15:16:19.233.

Indicators of Compromise (1)

CVE (1)
CVE-2026-34377
NVDMITRE CVE
Source Attribution

Originally published by NIST NVD on Mar 31, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerabilityNEW

Coinbase wins conditional approval for national trust bank charter

Coinbase is the latest digital asset firm to receive conditional approval from US regulators for a national trust bank charter.

Finextra
LOWVulnerabilityNEW

Businesses ready to embrace AI-to-AI commerce, consumers more wary - Visa survey

AI-to-AI commerce looks poised to scale, with more than half of US businesses willing to allow agents to negotiate prices and terms directly with other agents on their behalf, according to a survey from Visa.

Finextra
CRITICALVulnerabilityNEW

Trump's Budget Proposal Would Slash CISA After Bruising Year

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/trumps-budget-proposal-would-slash-cisa-after-bruising-year-image_small-6-a-31352.jpg" align=right hspace=4><b>White House Criticizes Cyber Defense Agency - and Proposes a Steep $700 Million Cut</b><br>The FY2027 proposal would cut roughly $707 million from CISA, reducing staffing, contractor support and coordination programs whil

Bank Info Security