CVE-2026-3193
low-risk
Published 2026-02-25
A vulnerability was detected in Chia Blockchain 2.1.0. Impacted is an unknown function of the file /send_transaction. The manipulation results in cross-site request forgery. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is considered difficult. The exploit is now public and may be used. The vendor was informed early via email. A separate report via bugbounty was rejected with the reason "This is by design. The user is responsible for host security".
Do I need to act?
-
0.03% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.1/10
Low
NETWORK
/ HIGH complexity
Affected Products (1)
Blockchain
Affected Vendors
References (3)
Permissions Required
https://vuldb.com/?ctiid.347749
Third Party Advisory
https://vuldb.com/?id.347749
16
/ 100
low-risk
Severity
11/34 · Low
Exploitability
0/34 · Minimal
Exposure
5/34 · Minimal