Vulnerability Database
Total number of vulnerabilities in the DB: 296,663
github.com/cometbft/cometbft
You can search for specific versions with https://synscan.net/product/github.com-cometbft-cometbft/1.2.3
| Title | Severity | Exploit | Date | Affected Version |
| --- | --- | --- | --- | --- |
| CometBFT's invalid BitArray handling can lead to network halt | High | | Oct 14, 2025 | < 0.37.16; >= 0.38.0-alpha.1 < 0.38.19 |
| CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts | High | | Feb 3, 2025 | >= 1.0.0-alpha.1 < 1.0.1; < 0.38.17 |
| CVE-2025-24371 | Medium | | Feb 3, 2025 | >= 1.0.0-alpha.1 < 1.0.1; < 0.38.17 |
| CometBFT instability during blocksync when syncing from malicious peer | Medium | | Jun 28, 2024 | >= 0.37.0 < 0.37.7; >= 0.38.0 < 0.38.8 |
| ASA-2024-004: Default configuration param for Evidence may limit window of validity | Low | | Feb 28, 2024 | <= 0.38.5 |
| Validation of `VoteExtensionsEnableHeight` can cause chain halt in Go package github.com/cometbft/cometbft | High | | Jan 19, 2024 | >= 0.38.0 < 0.38.3 |
| CometBFT's default for `BlockParams.MaxBytes` consensus parameter may increase block times and affect consensus participation | Low | | Sep 29, 2023 | <= 0.38.0 |
| CVE-2023-34450 | Medium | | Jul 3, 2023 | == 0.34.28; >= 0.34.28 < 0.34.29; == 0.37.1; >= 0.37.1 < 0.37.2 |
| CVE-2023-34451 | High | | Jul 3, 2023 | < 0.34.29; >= 0.37.0 < 0.37.2 |