Nimiq Albatross Vulnerability: Validator Crash via Malformed Proposal

The National Vulnerability Database (NVD) has detailed CVE-2026-32605, a high-severity vulnerability impacting nimiq/core-rs-albatross, the Rust implementation of the Nimiq Proof-of-Stake protocol. This flaw, present in versions prior to 1.3.0, allows an untrusted peer to crash a validator simply by publishing a specially crafted Tendermint proposal message.

According to NVD, the issue stems from an insufficient bounds check within the ProposalSender::send function. Specifically, it uses a > operator instead of >= for the signer bounds check. This allows a malicious actor to craft a message where the signer index equals validators.num_validators(). This bypasses the intended check, leading to an out-of-bounds index access when validators.get_validator_by_slot_band(signer) is called, resulting in a panic and subsequent validator crash. Crucially, this can occur before any signature verification runs, making it a low-effort denial-of-service vector. The NVD notes that this has been addressed in version 1.3.0 of the software, urging users to update.

Rated with a CVSS score of 7.5 (HIGH), this vulnerability is categorized under CWE-125 (Out-of-bounds Read) and CWE-193 (Off-by-one Error). The impact is primarily on availability, as an attacker can reliably take down Nimiq validators without needing to authenticate or perform complex attacks. This is a classic example of how a seemingly minor coding oversight can lead to significant operational disruption in distributed systems.