Bitcoin Core Development Team Releases Security Advisories
The Bitcoin Core development team has recently published four new advisories, all classified as low severity, related to the security of the Bitcoin network. Five advisories were initially identified; however, one was escalated to medium severity, leaving the total at four. According to Michael Ford, who maintains Bitcoin software, the advisories address various vulnerabilities that could be exploited by attackers but are not currently deemed critical.
Details of the Advisories
Among these advisories is CVE-2025-46598, a CPU denial-of-service (DoS) vulnerability in the processing of unconfirmed transactions. This flaw allows an attacker to send specially crafted transactions that slow a victim node’s responses, as the node takes several seconds to validate these non-standard transactions. Although the node rejects these transactions, they can be sent repeatedly, potentially hindering the speed at which blocks are propagated through the network. A fix for this issue is included in the recent Bitcoin Core v30.0 update, which was released on October 10, 2025.
Another advisory, CVE-2025-46597, highlights a bug that may cause a crash on 32-bit systems under rare conditions. This flaw is described as unlikely to be used maliciously, due to the specific circumstances required to trigger it. As with the previous issue, a patch was included in the v30.0 update.
The third advisory, CVE-2025-54604, covers a vulnerability related to disk space management, enabling an attacker to potentially fill a victim’s disk by simulating self-connections. This log-filling issue poses a limited threat as it takes a considerable amount of time for the node to run out of storage.
Lastly, CVE-2025-54605 addresses a similar disk-filling vulnerability caused by sending invalid blocks to a victim node. The potential for exploitation here is also limited, but it remains a concern for maintaining system integrity.
Encouragement to Update
In conjunction with these updates, the Bitcoin Core team has announced the release of versions v29.2 and v28.3, which indicates that the v27 branch has reached its end of life. Users are encouraged to update to the latest versions for enhanced security.