Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HProtocol Gossipsub
APPProtocol1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
References
Related vulnerabilities
CVE-2022-47547MEDIUM5.3ten sam produkt
GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not be pruned fr...
CVE-2026-35405HIGH7.5ten sam vendor
libp2p-rust is the official rust language Implementation of the libp2p networking stack. Prior to 0.17.1, libp...
CVE-2026-35457HIGH8.2ten sam vendor
libp2p-rust is the official rust language Implementation of the libp2p networking stack. Prior to 0.17.1, the ...
CVE-2026-34219HIGH8.2ten sam vendor
libp2p-rust is the official rust language Implementation of the libp2p networking stack. Prior to version 0.49...
CVE-2026-33040HIGH8.7ten sam vendor
libp2p-rust is the official rust language Implementation of the libp2p networking stack. In versions prior to ...