A Bitcoin Core vulnerability allows miners to run code on other people's nodes; approximately 43% of nodes have not yet patched it.

CoinFeed reported on May 6th that, according to Protos, Bitcoin Core developers recently disclosed a high-risk vulnerability, CVE-2024-52911. This vulnerability affects versions 0.14.1 to 28.4, allowing miners to remotely crash other users' nodes and execute code by mining specially crafted blocks. The vulnerability was discovered and responsibly disclosed by developer Cory Fields in November 2024. A fix was merged in December of that year and released with version v29 in April 2025. The last vulnerable version series of 28.x was discontinued on April 19, 2026. However, since Bitcoin full node upgrades are voluntary, it is estimated that approximately 43% of nodes are still running older versions of the vulnerable software, facing potential risks.