PT-2026-41387 · Crates.Io · Nimiq-Keys

Published

2026-05-15

·

Updated

2026-05-15

·

CVE-2026-40092

CVSS v3.1

7.5

High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact

A malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record containing a TaggedSigned<ValidatorRecord, KeyPair> whose signature field is not exactly 64 bytes long. When the victim node's DHT verifier calls TaggedSigned::verify, execution reaches Ed25519Signature::from_bytes(sig).unwrap() in the TaggedPublicKey implementation for Ed25519PublicKey. The from_bytes call fails because ed25519_zebra::Signature::try_from rejects any slice that is not 64 bytes, and the unwrap() panics. The BLS TaggedPublicKey implementation correctly returns false on error; only the Ed25519 implementation panics.
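The following is an added example, not code from nimiq-keys, that models the defect described above: a fixed-length signature type whose parser rejects any slice that is not 64 bytes, a verify function in the vulnerable shape (unwrap on the parse result, so a 63-byte attacker-controlled signature panics), and the hardened shape that treats a malformed signature as a failed verification, which is what the BLS implementation already does. The names Signature, PublicKey, MalformedSignature, verify_unwrap and verify_checked are this example's own, and verify_core/toy_sign are a constructed stand-in for the real Ed25519 check so the block runs with the standard library alone.

```rust
// Added example; not nimiq-keys code. ed25519_zebra::Signature::try_from is
// modelled here by Signature::try_from, which rejects non-64-byte slices.
use std::convert::{TryFrom, TryInto};
use std::fmt;

pub const SIGNATURE_LEN: usize = 64;

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Signature(pub [u8; SIGNATURE_LEN]);

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct PublicKey(pub [u8; 32]);

/// Error for a signature field whose length is not SIGNATURE_LEN.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct MalformedSignature {
    pub len: usize,
}

impl fmt::Display for MalformedSignature {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        write!(f, "signature must be {} bytes, got {}", SIGNATURE_LEN, self.len)
    }
}

impl TryFrom<&[u8]> for Signature {
    type Error = MalformedSignature;

    /// Mirrors the length check the real crate performs: any slice that is
    /// not exactly 64 bytes is an error, never a panic.
    fn try_from(bytes: &[u8]) -> Result<Self, Self::Error> {
        let arr: [u8; SIGNATURE_LEN] = bytes
            .try_into()
            .map_err(|_| MalformedSignature { len: bytes.len() })?;
        Ok(Signature(arr))
    }
}

/// Constructed toy digest standing in for real Ed25519 math. No security value.
fn toy_digest(key: &PublicKey, msg: &[u8]) -> [u8; 32] {
    let mut state = [0u8; 32];
    for (i, b) in key.0.iter().chain(msg.iter()).enumerate() {
        let slot = i % 32;
        state[slot] = state[slot].wrapping_mul(31).wrapping_add(*b).rotate_left(3);
    }
    state
}

/// Toy "signature": pubkey || toy_digest(pubkey, msg). Constructed for the example.
pub fn toy_sign(key: &PublicKey, msg: &[u8]) -> Signature {
    let mut out = [0u8; SIGNATURE_LEN];
    out[..32].copy_from_slice(&key.0);
    out[32..].copy_from_slice(&toy_digest(key, msg));
    Signature(out)
}

/// Stand-in for the real verification equation, run only on a well-formed signature.
fn verify_core(key: &PublicKey, msg: &[u8], sig: &Signature) -> bool {
    *sig == toy_sign(key, msg)
}

/// Vulnerable shape: the parse result is unwrapped, so a peer-supplied
/// signature of any length other than 64 bytes panics the caller.
pub fn verify_unwrap(key: &PublicKey, msg: &[u8], sig: &[u8]) -> bool {
    let sig = Signature::try_from(sig).unwrap();
    verify_core(key, msg, &sig)
}

/// Hardened shape: a malformed signature is simply an invalid signature,
/// matching the behaviour of the BLS implementation described in the advisory.
pub fn verify_checked(key: &PublicKey, msg: &[u8], sig: &[u8]) -> bool {
    match Signature::try_from(sig) {
        Ok(sig) => verify_core(key, msg, &sig),
        Err(_) => false,
    }
}

fn main() {
    let key = PublicKey([7u8; 32]);
    let msg = b"validator record";
    let good = toy_sign(&key, msg);
    println!("64-byte valid signature   -> {}", verify_checked(&key, msg, &good.0));
    println!("63-byte crafted signature -> {}", verify_checked(&key, msg, &[0u8; 63]));
    // verify_unwrap(&key, msg, &[0u8; 63]) would panic here and take the node down.
}
```

The fix is purely about error handling: the length check already exists inside try_from, and the only change needed is to map its Err to a false return (or propagate it) instead of unwrapping on data that a remote peer controls.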

Patches

The patch for this vulnerability is formally released as part of v1.4.0.

Workarounds

No known workarounds.

Resources

See PR. (Fix)

Weakness Enumeration

Unchecked Return Value

Related Identifiers

CVE-2026-40092
GHSA-27W2-87XV-37C6

Affected Products

Nimiq-Keys