Critical Bitcoin Core Vulnerability CVE-2024-52911 Exposes 43% of Nodes to Attack

Critical Bitcoin Core Vulnerability CVE-2024-52911 Exposes 43% of Nodes to Attack

First seen 6 May 2026, 09:27 UTC ChaincatcherKucoinbitcoincore.orgcrypto-economy.com 92% similarity 57.8

Article Content

Browse articles
ThreatCluster

Bitcoin Core developers disclosed a high-risk vulnerability, CVE-2024-52911, affecting versions 0.14.1 to 28.4. This flaw allows miners to remotely crash other users' nodes and execute code by mining specially crafted blocks. Discovered by Cory Fields in November 2024, the fix was merged in December and released in April 2025. Despite the patch, approximately 43% of Bitcoin nodes remain vulnerable as upgrading is voluntary. The last vulnerable version was discontinued on April 19, 2026. While the attack cost is high, the potential for exploitation remains a concern for those running outdated software.

Key Points: • CVE-2024-52911 affects Bitcoin Core versions 0.14.1 to 28.4, allowing remote node crashes. • 43% of Bitcoin nodes are still running vulnerable software despite the availability of a patch. • The vulnerability was responsibly disclosed in November 2024 and patched in April 2025.

ThreatCluster AI

Timeline

2024-11-01
Vulnerability discovered
Cory Fields discovered a critical vulnerability in Bitcoin Core affecting multiple versions.
Chaincatcher
2024-12-01
Fix merged
The fix for CVE-2024-52911 was merged into the Bitcoin Core codebase.
Chaincatcher
2025-04-01
Patch released
Bitcoin Core version v29 was released, addressing the vulnerability.
Chaincatcher
2026-04-19
Last vulnerable version discontinued
The last series of vulnerable Bitcoin Core versions (28.x) was officially discontinued.
Chaincatcher
2026-05-05
CVE-2024-52911 published
CVE-2024-52911 was officially published, detailing the vulnerability affecting Bitcoin Core.
Kucoin

Community

Browse all →