# Shardeum Core

## Reports by Severity

[Critical](#critical) | [High](#high) | [Medium](#medium) | [Low](#low) | [Insight](#insight)

<details>

<summary>Critical</summary>

* [32982 - \[BC - Critical\] Crashing all Validators Vulnerability in eth\_g...](/shardeum-core/32982-bc-critical-crashing-all-validators-vulnerability-in-eth_g....md)
* [32993 - \[BC - Critical\] Crashing Validators by triggering an uncaught e...](/shardeum-core/32993-bc-critical-crashing-validators-by-triggering-an-uncaught-e....md)
* [33086 - \[BC - Critical\] Complete shutdown of the transaction processing...](/shardeum-core/33086-bc-critical-complete-shutdown-of-the-transaction-processing....md)
* [33151 - \[BC - Critical\] Front running initial account data distribution](/shardeum-core/33151-bc-critical-front-running-initial-account-data-distribution.md)
* [33222 - \[BC - Critical\] An attacker can control which nodes can and can...](/shardeum-core/33222-bc-critical-an-attacker-can-control-which-nodes-can-and-can....md)
* [33277 - \[BC - Critical\] Validators can be crashed via GET](/shardeum-core/33277-bc-critical-validators-can-be-crashed-via-get.md)
* [33278 - \[BC - Critical\] Improper input validation leads to DOS and tota...](/shardeum-core/33278-bc-critical-improper-input-validation-leads-to-dos-and-tota....md)
* [33424 - \[BC - Critical\] Improper input validation in safeJsonParse lead...](/shardeum-core/33424-bc-critical-improper-input-validation-in-safejsonparse-lead....md)
* [33428 - \[BC - Critical\] Validators can be crashed via pp](/shardeum-core/33428-bc-critical-validators-can-be-crashed-via-pp.md)
* [33483 - \[BC - Critical\] shardeum validator bypass loop breaking increme...](/shardeum-core/33483-bc-critical-shardeum-validator-bypass-loop-breaking-increme....md)
* [33632 - \[BC - Critical\] Signature forgery on behalf of other nodes lead...](/shardeum-core/33632-bc-critical-signature-forgery-on-behalf-of-other-nodes-lead....md)
* [33637 - \[BC - Critical\] In get\_tx\_timestamp a prototype pollution bri...](/shardeum-core/33637-bc-critical-in-get_tx_timestamp-a-prototype-pollution-bri....md)
* [33638 - \[BC - Critical\] In remove\_timestamp\_cache a prototype polluti...](/shardeum-core/33638-bc-critical-in-remove_timestamp_cache-a-prototype-polluti....md)
* [33655 - \[BC - Critical\] Complete shutdown of the transaction processing...](/shardeum-core/33655-bc-critical-complete-shutdown-of-the-transaction-processing....md)
* [33696 - \[BC - Critical\] Failure to validate golden ticket admin cert](/shardeum-core/33696-bc-critical-failure-to-validate-golden-ticket-admin-cert.md)
* [33745 - \[BC - Critical\] A math quirk in Javascript allows anyone to tak...](/shardeum-core/33745-bc-critical-a-math-quirk-in-javascript-allows-anyone-to-tak....md)
* [33750 - \[BC - Critical\] Abusing setCertTime Transactions to drain node ...](/shardeum-core/33750-bc-critical-abusing-setcerttime-transactions-to-drain-node-....md)
* [33766 - \[BC - Critical\] Improper input validation in TransactionConsenu...](/shardeum-core/33766-bc-critical-improper-input-validation-in-transactionconsenu....md)
* [33872 - \[BC - Critical\] Infinite loop in shardeum](/shardeum-core/33872-bc-critical-infinite-loop-in-shardeum.md)
* [33922 - \[BC - Critical\] Steal Rewards and Take over Network by Faking A...](/shardeum-core/33922-bc-critical-steal-rewards-and-take-over-network-by-faking-a....md)
* [33925 - \[BC - Critical\] Improper input validation in fixDeserializedWra...](/shardeum-core/33925-bc-critical-improper-input-validation-in-fixdeserializedwra....md)
* [33941 - \[BC - Critical\] A missing check for the type of a variable allo...](/shardeum-core/33941-bc-critical-a-missing-check-for-the-type-of-a-variable-allo....md)
* [33946 - \[BC - Critical\] Lack of voter deduplication in sync\_trie\_hashes...](/shardeum-core/33946-bc-critical-lack-of-voter-deduplication-in-sync_trie_hashes....md)
* [33963 - \[BC - Critical\] Crashing the network by filling timestamp cache...](/shardeum-core/33963-bc-critical-crashing-the-network-by-filling-timestamp-cache....md)
* [33972 - \[BC - Critical\] Inflating the votes of the hash for a malicious...](/shardeum-core/33972-bc-critical-inflating-the-votes-of-the-hash-for-a-malicious....md)
* [34012 - \[BC - Critical\] Improper input validation in repair\_oos\_account...](/shardeum-core/34012-bc-critical-improper-input-validation-in-repair_oos_account....md)
* [34019 - \[BC - Critical\] Lack of vote validation in sync\_trie\_hashes lea...](/shardeum-core/34019-bc-critical-lack-of-vote-validation-in-sync_trie_hashes-lea....md)
* [34020 - \[BC - Critical\] An alternative entry point with a separated but...](/shardeum-core/34020-bc-critical-an-alternative-entry-point-with-a-separated-but....md)
* [34053 - \[BC - Critical\] Malicious HTTP responses allow systemic applica...](/shardeum-core/34053-bc-critical-malicious-http-responses-allow-systemic-applica....md)
* [34093 - \[BC - Critical\] lib-net can be used to force oom reap of shardu...](/shardeum-core/34093-bc-critical-lib-net-can-be-used-to-force-oom-reap-of-shardu....md)
* [34201 - \[BC - Critical\] Prototype pollution vulnerability in remove\_tim...](/shardeum-core/34201-bc-critical-prototype-pollution-vulnerability-in-remove_tim....md)
* [34252 - \[BC - Critical\] Bypass Certificate Signing Validation](/shardeum-core/34252-bc-critical-bypass-certificate-signing-validation.md)
* [34353 - \[BC - Critical\] Killing nodes by polluting tx timestamp cache o...](/shardeum-core/34353-bc-critical-killing-nodes-by-polluting-tx-timestamp-cache-o....md)
* [34456 - \[BC - Critical\] Lack of consensus validation in repair\_oos\_acco...](/shardeum-core/34456-bc-critical-lack-of-consensus-validation-in-repair_oos_acco....md)
* [34476 - \[BC - Critical\] remove\_timestamp\_cache prototype pollution lead...](/shardeum-core/34476-bc-critical-remove_timestamp_cache-prototype-pollution-lead....md)
* [34481 - \[BC - Critical\] Bypassing sender verification in gossip-final-s...](/shardeum-core/34481-bc-critical-bypassing-sender-verification-in-gossip-final-s....md)
* [34484 - \[BC - Critical\] Tricking legit node to signed maliciously contr...](/shardeum-core/34484-bc-critical-tricking-legit-node-to-signed-maliciously-contr....md)
* [34500 - \[BC - Critical\] Prototype pollution vulnerability in get\_tx\_tim...](/shardeum-core/34500-bc-critical-prototype-pollution-vulnerability-in-get_tx_tim....md)

</details>

<details>

<summary>High</summary>

* [33473 - \[BC - High\] Cross-chain replay attacks are possible due to ...](/shardeum-core/33473-bc-high-cross-chain-replay-attacks-are-possible-due-to-....md)
* [33576 - \[BC - High\] Lack of deduplication in joinarchiver requests ...](/shardeum-core/33576-bc-high-lack-of-deduplication-in-joinarchiver-requests-....md)
* [33848 - \[BC - High\] For the first cycles of the network a maliciou...](/shardeum-core/33848-bc-high-for-the-first-cycles-of-the-network-a-maliciou....md)
* [34349 - \[BC - High\] Archiver Join Limit Logic Error](/shardeum-core/34349-bc-high-archiver-join-limit-logic-error.md)
* [34422 - \[BC - High\] Forcing the new POQo system to fail preventing ...](/shardeum-core/34422-bc-high-forcing-the-new-poqo-system-to-fail-preventing-....md)

</details>

<details>

<summary>Medium</summary>

* [33044 - \[BC - Medium\] Preventing the network from loading by disconne...](/shardeum-core/33044-bc-medium-preventing-the-network-from-loading-by-disconne....md)
* [33254 - \[BC - Medium\] The signature used to Gossip an UnjoinRequest h...](/shardeum-core/33254-bc-medium-the-signature-used-to-gossip-an-unjoinrequest-h....md)

</details>

<details>

<summary>Low</summary>

* [32942 - \[BC - Low\] The ChainID and URL parameters that can modify ...](/shardeum-core/32942-bc-low-the-chainid-and-url-parameters-that-can-modify-....md)

</details>

<details>

<summary>Insight</summary>

* [33395 - \[BC - Insight\] DoS attack on peer nodes through gossip-valid-j...](/shardeum-core/33395-bc-insight-dos-attack-on-peer-nodes-through-gossip-valid-j....md)
* [33520 - \[BC - Insight\] Inconsistent consensus issue for BlakeF precomp...](/shardeum-core/33520-bc-insight-inconsistent-consensus-issue-for-blakef-precomp....md)
* [33735 - \[BC - Insight\] Network split due to the sync issue in PP modul...](/shardeum-core/33735-bc-insight-network-split-due-to-the-sync-issue-in-pp-modul....md)
* [33813 - \[BC - Insight\] Double slashing of validators](/shardeum-core/33813-bc-insight-double-slashing-of-validators.md)
* [34364 - \[BC - Insight\] pp deserialization denial of service issue](/shardeum-core/34364-bc-insight-pp-deserialization-denial-of-service-issue.md)
* [34489 - \[BC - Insight\] ActivetsValidateRecordTypes do not check all th...](/shardeum-core/34489-bc-insight-activetsvalidaterecordtypes-do-not-check-all-th....md)

</details>

## Reports by Type

[Blockchain/DLT](#blockchain-dlt)

<details>

<summary>Blockchain/DLT</summary>

* [32942 - \[BC - Low\] The ChainID and URL parameters that can modify ...](/shardeum-core/32942-bc-low-the-chainid-and-url-parameters-that-can-modify-....md)
* [32982 - \[BC - Critical\] Crashing all Validators Vulnerability in eth\_g...](/shardeum-core/32982-bc-critical-crashing-all-validators-vulnerability-in-eth_g....md)
* [32993 - \[BC - Critical\] Crashing Validators by triggering an uncaught e...](/shardeum-core/32993-bc-critical-crashing-validators-by-triggering-an-uncaught-e....md)
* [33044 - \[BC - Medium\] Preventing the network from loading by disconne...](/shardeum-core/33044-bc-medium-preventing-the-network-from-loading-by-disconne....md)
* [33086 - \[BC - Critical\] Complete shutdown of the transaction processing...](/shardeum-core/33086-bc-critical-complete-shutdown-of-the-transaction-processing....md)
* [33151 - \[BC - Critical\] Front running initial account data distribution](/shardeum-core/33151-bc-critical-front-running-initial-account-data-distribution.md)
* [33222 - \[BC - Critical\] An attacker can control which nodes can and can...](/shardeum-core/33222-bc-critical-an-attacker-can-control-which-nodes-can-and-can....md)
* [33254 - \[BC - Medium\] The signature used to Gossip an UnjoinRequest h...](/shardeum-core/33254-bc-medium-the-signature-used-to-gossip-an-unjoinrequest-h....md)
* [33277 - \[BC - Critical\] Validators can be crashed via GET](/shardeum-core/33277-bc-critical-validators-can-be-crashed-via-get.md)
* [33278 - \[BC - Critical\] Improper input validation leads to DOS and tota...](/shardeum-core/33278-bc-critical-improper-input-validation-leads-to-dos-and-tota....md)
* [33395 - \[BC - Insight\] DoS attack on peer nodes through gossip-valid-j...](/shardeum-core/33395-bc-insight-dos-attack-on-peer-nodes-through-gossip-valid-j....md)
* [33424 - \[BC - Critical\] Improper input validation in safeJsonParse lead...](/shardeum-core/33424-bc-critical-improper-input-validation-in-safejsonparse-lead....md)
* [33428 - \[BC - Critical\] Validators can be crashed via pp](/shardeum-core/33428-bc-critical-validators-can-be-crashed-via-pp.md)
* [33473 - \[BC - High\] Cross-chain replay attacks are possible due to ...](/shardeum-core/33473-bc-high-cross-chain-replay-attacks-are-possible-due-to-....md)
* [33483 - \[BC - Critical\] shardeum validator bypass loop breaking increme...](/shardeum-core/33483-bc-critical-shardeum-validator-bypass-loop-breaking-increme....md)
* [33520 - \[BC - Insight\] Inconsistent consensus issue for BlakeF precomp...](/shardeum-core/33520-bc-insight-inconsistent-consensus-issue-for-blakef-precomp....md)
* [33576 - \[BC - High\] Lack of deduplication in joinarchiver requests ...](/shardeum-core/33576-bc-high-lack-of-deduplication-in-joinarchiver-requests-....md)
* [33632 - \[BC - Critical\] Signature forgery on behalf of other nodes lead...](/shardeum-core/33632-bc-critical-signature-forgery-on-behalf-of-other-nodes-lead....md)
* [33637 - \[BC - Critical\] In get\_tx\_timestamp a prototype pollution bri...](/shardeum-core/33637-bc-critical-in-get_tx_timestamp-a-prototype-pollution-bri....md)
* [33638 - \[BC - Critical\] In remove\_timestamp\_cache a prototype polluti...](/shardeum-core/33638-bc-critical-in-remove_timestamp_cache-a-prototype-polluti....md)
* [33655 - \[BC - Critical\] Complete shutdown of the transaction processing...](/shardeum-core/33655-bc-critical-complete-shutdown-of-the-transaction-processing....md)
* [33696 - \[BC - Critical\] Failure to validate golden ticket admin cert](/shardeum-core/33696-bc-critical-failure-to-validate-golden-ticket-admin-cert.md)
* [33735 - \[BC - Insight\] Network split due to the sync issue in PP modul...](/shardeum-core/33735-bc-insight-network-split-due-to-the-sync-issue-in-pp-modul....md)
* [33745 - \[BC - Critical\] A math quirk in Javascript allows anyone to tak...](/shardeum-core/33745-bc-critical-a-math-quirk-in-javascript-allows-anyone-to-tak....md)
* [33750 - \[BC - Critical\] Abusing setCertTime Transactions to drain node ...](/shardeum-core/33750-bc-critical-abusing-setcerttime-transactions-to-drain-node-....md)
* [33766 - \[BC - Critical\] Improper input validation in TransactionConsenu...](/shardeum-core/33766-bc-critical-improper-input-validation-in-transactionconsenu....md)
* [33813 - \[BC - Insight\] Double slashing of validators](/shardeum-core/33813-bc-insight-double-slashing-of-validators.md)
* [33848 - \[BC - High\] For the first cycles of the network a maliciou...](/shardeum-core/33848-bc-high-for-the-first-cycles-of-the-network-a-maliciou....md)
* [33872 - \[BC - Critical\] Infinite loop in shardeum](/shardeum-core/33872-bc-critical-infinite-loop-in-shardeum.md)
* [33922 - \[BC - Critical\] Steal Rewards and Take over Network by Faking A...](/shardeum-core/33922-bc-critical-steal-rewards-and-take-over-network-by-faking-a....md)
* [33925 - \[BC - Critical\] Improper input validation in fixDeserializedWra...](/shardeum-core/33925-bc-critical-improper-input-validation-in-fixdeserializedwra....md)
* [33941 - \[BC - Critical\] A missing check for the type of a variable allo...](/shardeum-core/33941-bc-critical-a-missing-check-for-the-type-of-a-variable-allo....md)
* [33946 - \[BC - Critical\] Lack of voter deduplication in sync\_trie\_hashes...](/shardeum-core/33946-bc-critical-lack-of-voter-deduplication-in-sync_trie_hashes....md)
* [33963 - \[BC - Critical\] Crashing the network by filling timestamp cache...](/shardeum-core/33963-bc-critical-crashing-the-network-by-filling-timestamp-cache....md)
* [33972 - \[BC - Critical\] Inflating the votes of the hash for a malicious...](/shardeum-core/33972-bc-critical-inflating-the-votes-of-the-hash-for-a-malicious....md)
* [34012 - \[BC - Critical\] Improper input validation in repair\_oos\_account...](/shardeum-core/34012-bc-critical-improper-input-validation-in-repair_oos_account....md)
* [34019 - \[BC - Critical\] Lack of vote validation in sync\_trie\_hashes lea...](/shardeum-core/34019-bc-critical-lack-of-vote-validation-in-sync_trie_hashes-lea....md)
* [34020 - \[BC - Critical\] An alternative entry point with a separated but...](/shardeum-core/34020-bc-critical-an-alternative-entry-point-with-a-separated-but....md)
* [34053 - \[BC - Critical\] Malicious HTTP responses allow systemic applica...](/shardeum-core/34053-bc-critical-malicious-http-responses-allow-systemic-applica....md)
* [34093 - \[BC - Critical\] lib-net can be used to force oom reap of shardu...](/shardeum-core/34093-bc-critical-lib-net-can-be-used-to-force-oom-reap-of-shardu....md)
* [34201 - \[BC - Critical\] Prototype pollution vulnerability in remove\_tim...](/shardeum-core/34201-bc-critical-prototype-pollution-vulnerability-in-remove_tim....md)
* [34252 - \[BC - Critical\] Bypass Certificate Signing Validation](/shardeum-core/34252-bc-critical-bypass-certificate-signing-validation.md)
* [34349 - \[BC - High\] Archiver Join Limit Logic Error](/shardeum-core/34349-bc-high-archiver-join-limit-logic-error.md)
* [34353 - \[BC - Critical\] Killing nodes by polluting tx timestamp cache o...](/shardeum-core/34353-bc-critical-killing-nodes-by-polluting-tx-timestamp-cache-o....md)
* [34364 - \[BC - Insight\] pp deserialization denial of service issue](/shardeum-core/34364-bc-insight-pp-deserialization-denial-of-service-issue.md)
* [34422 - \[BC - High\] Forcing the new POQo system to fail preventing ...](/shardeum-core/34422-bc-high-forcing-the-new-poqo-system-to-fail-preventing-....md)
* [34456 - \[BC - Critical\] Lack of consensus validation in repair\_oos\_acco...](/shardeum-core/34456-bc-critical-lack-of-consensus-validation-in-repair_oos_acco....md)
* [34476 - \[BC - Critical\] remove\_timestamp\_cache prototype pollution lead...](/shardeum-core/34476-bc-critical-remove_timestamp_cache-prototype-pollution-lead....md)
* [34481 - \[BC - Critical\] Bypassing sender verification in gossip-final-s...](/shardeum-core/34481-bc-critical-bypassing-sender-verification-in-gossip-final-s....md)
* [34484 - \[BC - Critical\] Tricking legit node to signed maliciously contr...](/shardeum-core/34484-bc-critical-tricking-legit-node-to-signed-maliciously-contr....md)
* [34489 - \[BC - Insight\] ActivetsValidateRecordTypes do not check all th...](/shardeum-core/34489-bc-insight-activetsvalidaterecordtypes-do-not-check-all-th....md)
* [34500 - \[BC - Critical\] Prototype pollution vulnerability in get\_tx\_tim...](/shardeum-core/34500-bc-critical-prototype-pollution-vulnerability-in-get_tx_tim....md)

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://reports.immunefi.com/shardeum-core.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.