PANews reported on May 6th that, according to Protos, Bitcoin Core developers recently disclosed a high-risk vulnerability, CVE-2024-52911. This vulnerability affects versions 0.14.1 through 28.4, allowing miners to remotely crash other users' nodes and execute code by mining specially crafted blocks. The vulnerability was discovered and responsibly disclosed by developer Cory Fields in November 2024. A fix was merged in December of that year and released with version v29 in April 2025. The last vulnerable version series of 28.x was discontinued on April 19, 2026.

However, since upgrading to a full Bitcoin node is voluntary, it is estimated that approximately 43% of nodes are still running older versions of the vulnerable software, facing potential risks. Fortunately, the attack is extremely costly to execute—miners would need to dedicate significant computing power to mining invalid blocks that do not earn block rewards—so it is very likely that it has never been actually exploited.