CVE-2026-54496
ZcashFoundation · zebra
A critical flaw in the variable-base scalar multiplication gadget within Zcash-related components allows an attacker to produce valid proofs for Orchard Actions by bypassing integrity checks.
Executive summary
An under-constrained cryptographic check in Zcash Foundation's zebra and related libraries allows unauthenticated attackers to bypass vital transaction integrity validations.
Vulnerability
The vulnerability stems from an insufficient verification of data authenticity within the variable-base scalar multiplication gadget, where an unauthenticated prover can bypass diversified-address-integrity checks that normally bind key components to specific notes.
Business impact
A successful exploit could allow for the subversion of core cryptographic guarantees within the Zcash network, specifically regarding transaction integrity. With a CVSS score of 9.3, this issue threatens the fundamental security of the affected currency nodes, potentially enabling fraudulent transactions and compromising the trust model of the entire system.
Remediation
Immediate Action: Update all affected components, including zebrad to 5.0.0, halo2_gadgets to 0.5.0, orchard to 0.14.0, zcash_primitives to 0.28.0, and zcash to 6.20.0.
Proactive Monitoring: Review node logs for anomalous transaction submission patterns and monitor official Zcash Foundation security communications for further network-wide guidance.
Compensating Controls: While no direct compensating control can fix a cryptographic flaw of this nature, node operators should ensure they are running patched versions to participate in the required network soft-fork.
Exploitation status
Public Exploit Available: No (exploit_available: false)
Analyst recommendation
This is a critical security update for anyone operating a Zcash node. Immediate patching is required to ensure compatibility with the network soft-fork and to maintain the cryptographic integrity of processed transactions.