CVE-2026-3192

Name of the Vulnerable Software and Affected Versions Chia Blockchain version 2.1.0

Description A security issue has been identified in Chia Blockchain that results in improper authentication. This is due to manipulation within the authenticate function located in the rpc server base.py file of the RPC Credential Handler component. The attack can be carried out remotely and is considered to have high complexity, with difficult exploitability. The exploit has been publicly disclosed. The vendor was notified of the issue but rejected a bug bounty report, stating the behavior is intentional and the user is responsible for host security.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.