CVE 9.1 CRITICAL

CVE-2025-65548_CVE-2025-65548

December 11, 2025 invoker category_cve

9.1 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Description

NUT-14 allows cashu tokens to be created with a preimage hash. However, nutshell (cashubtc/nuts) before 0.18.0 do not validate the size of preimage when the token is spent. The preimage is stored by the mint and attacker can exploit this vulnerability to fill the mint's db nd disk with arbitrary data.

AI Analysis

Denial of Service using HTLC in Cashu due to unvalidated preimage size

Basic Information

ID CVE-2025-65548

Source mitre

Published Dec 8, 2025 at 00:00

Modified Dec 11, 2025 at 14:36

Affected Product

Vendor cashubtc

Product nuts

Version <0.18.0

Affected Versions n/a n/a n/a

CWE Classification

CWE-1284

AI Assessment

AI Score 9.1 / 10

AI Severity Critical

Vendor cashubtc

Product nuts

Version <0.18.0

References

{
    "lastseen": "",
    "description": "NUT-14 allows cashu tokens to be created with a preimage hash. However, nutshell (cashubtc/nuts) before 0.18.0 do not validate the size of preimage when the token is spent. The preimage is stored by the mint and attacker can exploit this vulnerability to fill the mint's db nd disk with arbitrary data.",
    "published": "2025-12-08T00:00:00.000Z",
    "modified": "2025-12-11T14:36:58.193Z",
    "type": "cve",
    "title": "CVE-2025-65548",
    "source": "mitre",
    "references": "https://delvingbitcoin.org/t/public-disclosure-denial-of-service-using-htlc-in-cashu/2090\nhttps://github.com/cashubtc/nuts/blob/main/14.md\nhttps://github.com/cashubtc/nuts/blob/main/07.md\nhttps://preimage007.github.io/\nhttps://github.com/jamesob/delving-bitcoin-archive/blob/master/archive/rendered-topics/2025-11-November/2025-11-02-public-disclosure-denial-of-service-using-htlc-in-cashu-id2090.md\nhttps://bitcointalk.org/index.php?topic=5564329",
    "id": "CVE-2025-65548",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1284"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.1,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "nuts",
    "version": "<0.18.0",
    "vendor": "cashubtc",
    "ai_description": "Denial of Service using HTLC in Cashu due to unvalidated preimage size",
    "ai_severity": "Critical",
    "ai_vendor": "cashubtc",
    "ai_product": "nuts",
    "ai_version": "<0.18.0",
    "ai_score": 9.1
}

💭 Join the Security Discussion ❌ Cancel Reply