logo

Critical Zcash Vulnerability Found and Fixed

ID: c50d46a0-28f7-5ae5-aa60-30af1e328d6c

STIX ID: report--c50d46a0-28f7-5ae5-aa60-30af1e328d6c

Feed Name: Schneier on Security

Threat Score
70/100

Date Published: 2026-06-08

Date Updated: 2026-06-09

Author: Bruce Schneier

...
...

A security researcher discovered and reported a critical flaw in Zcash's Orchard privacy pool that allowed a malformed transaction input to bypass validation, potentially enabling creation of ZEC from nothing; the Zcash team patched the issue, but there is no way to confirm whether the bug was exploited prior to the fix.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.