PT-2026-30508 · Zcash · Zcash
Daira-Emma Hopwood
·
Published
2026-04-05
·
Updated
2026-05-19
·
CVE-2026-35679
CVSS v3.1
3.5
Low
| Vector | AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Zcash versions prior to 6.12.0
Description
Zcash zcashd versions prior to 6.12.0 were susceptible to accepting invalid transactions under specific circumstances. This could have potentially led to the loss of user funds from the Sprout pool due to insufficient verification of Sprout proofs.
Recommendations
Update to version 6.12.0 or later.
Fix
Improperly Implemented Security Check for Standard
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zcash