- A critical memory safety vulnerability (CVE-2024-52911) in Bitcoin Core software versions 0.14.1 through 28.4 allowed miners to crash nodes or execute remote code.
- The bug was a use-after-free memory issue, described as “the first ever memory safety issue” in Bitcoin Core, and was patched in April 2025 with version 29.0.
- The attack was prohibitively expensive for miners to execute, requiring them to waste hash power on invalid blocks, which likely prevented its exploitation.
- Despite the patch being available for months, an estimate suggests up to 43% of nodes are still running vulnerable, pre-v29 software.
Bitcoin Core developers disclosed a critical security vulnerability on May 5, 2026, that for years allowed miners to potentially crash or remotely control nodes. The bug, CVE-2024-52911, affected software from version 0.14.1 through 28.4 and was a use-after-free memory safety issue.
Specifically, a miner could craft a special block to trigger the bug during the node’s block validation process. The node would then read from cached memory after it had been freed, a condition that could potentially lead to remote code execution.
However, executing this attack came with a massive financial deterrent. It required miners to direct costly computational power toward creating invalid blocks that provided no Bitcoin reward, as noted in the advisory.
Developer Cory Fields found and responsibly reported the flaw in November 2024. A fix was quickly proposed and merged into the codebase by December, appearing in the public release of Bitcoin Core 29.0 in April 2025.
The disclosure was delayed until vulnerable release lines had reached their end-of-life. Developer Niklas Gögge correctly noted this was the project’s first disclosed memory safety bug.
The bug’s fix did not alter Bitcoin’s consensus rules but patched a software-level validation error. Still, many node operators have not yet upgraded, leaving their systems exposed to this now-public vulnerability.
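For operators checking their own fleet against the range given above, the following added example (not from the advisory or the Bitcoin Core project) classifies node user-agent strings, such as the `subver` field reported by `bitcoin-cli getpeerinfo`, as affected, not affected, or unknown. The sample strings are constructed, and treating every release below 29.0 as affected is a conservative assumption based on the article's "0.14.1 through 28.4, fixed in 29.0" wording.

```python
import re
from collections import Counter

# Range as stated in the article: 0.14.1 through 28.4, fixed in 29.0.
FIRST_AFFECTED = (0, 14, 1)
FIRST_FIXED = (29, 0, 0)   # assumption: anything below the fixed release counts as affected

# Plain Bitcoin Core agent: /Satoshi:X.Y[.Z[.W]][(uacomment)]/ and nothing after it.
_UA = re.compile(r"^/Satoshi:(\d+)\.(\d+)(?:\.(\d+))?(?:\.\d+)?(?:\([^)]*\))?/$")

def parse_core_version(subver):
    """Return (major, minor, patch) for a plain Bitcoin Core agent, else None."""
    m = _UA.match(subver.strip())
    if not m:
        return None            # other client, or a fork appending its own component
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))

def classify(subver):
    """'affected', 'not-affected', or 'unknown' (the article covers Bitcoin Core only)."""
    v = parse_core_version(subver)
    if v is None:
        return "unknown"
    # Tuple comparison handles both the old 0.x.y and the newer x.y numbering.
    return "affected" if FIRST_AFFECTED <= v < FIRST_FIXED else "not-affected"

def audit(subvers):
    """Return (counts per class, share of affected among identifiable Core nodes)."""
    counts = Counter(classify(s) for s in subvers)
    known = counts["affected"] + counts["not-affected"]
    share = counts["affected"] / known if known else 0.0
    return dict(counts), share

# Constructed sample of user-agent strings, not real measurement data.
SAMPLE = [
    "/Satoshi:29.0.0/",
    "/Satoshi:28.1.0/",
    "/Satoshi:0.21.1/",
    "/Satoshi:0.13.2/",
    "/Satoshi:27.0.0(node-7)/",
    "/Satoshi:28.1.0/Knots:20250305/",
    "/btcd:0.24.2/",
    "/Satoshi:30.0.0/",
]

if __name__ == "__main__":
    counts, share = audit(SAMPLE)
    print(counts, f"affected share of identifiable Core nodes: {share:.0%}")
```

Agents that append a fork component or belong to another client are reported as unknown rather than guessed at, since the article only states the affected range for Bitcoin Core itself.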
