VIR Vulnerability Intelligence Relay

CVE-2026-3193

low
Published 2026-02-25 · Modified 2026-04-29
CVSS v3
3.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
CVSS v2
2.6
VIR risk
3.1

Description

A vulnerability was detected in Chia Blockchain 2.1.0. Impacted is an unknown function of the file /send_transaction. The manipulation results in cross-site request forgery. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is considered difficult. The exploit is now public and may be used. The vendor was informed early via email. A separate report via bugbounty was rejected with the reason "This is by design. The user is responsible for host security".

Predictions

Exploit likelihood
42%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

Application impact
VendorProductVersionsFixed
chiablockchain2.1.0

References

CWEs

CWE-352 CWE-862

Verify integrity in audit chain (admin only). AS-IS.