CVE-2026-40070Sgbett · Bsv-wallet
Vulnerability data via NVD (ingested)
BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.3.1 to before 0.8.2, BSV::Wallet::WalletClient#acquire_certificate persists certificate records to storage without verifying the certifier's signature over the certificate contents. In acquisition_protocol: 'direct', the caller supplies all certificate fields (including signature:) and the record is written to storage verbatim. In acquisition_protocol: 'issuance', the client POSTs to a certifier URL and writes whatever signature the response body contains, also without verification. An attacker who can reach either API (or who controls a certifier endpoint targeted by the issuance path) can forge identity certificates that subsequently appear authentic to list_certificates and prove_certificate.
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
vuln:CVE-2026-40070product:"Sgbett Bsv-wallet"http.html:"Bsv-wallet"More intel sources (5)
vuln:CVE-2026-40070vulnerabilities.cve_id: CVE-2026-40070CVE-2026-40070CVE-2026-40070"CVE-2026-40070" exploit -site:nvd.nist.gov