NRDAX
Submit

← registry

NRDAX-T0145 - Malformed HTTP Body Crash

connection_exhaustion · active · first seen 2026-07-09

provenance: Reproduced in NullRabbit's attack-reproduction pipeline

mechanism

CVE-2026-41585 (GHSA-29x4-r6jv-ff4w): Zebra's JSON-RPC HTTP middleware treated a failure to read the incoming HTTP request body as an unrecoverable error, aborting the process instead of returning an

instances (1)

chainprimitivefidelityoriginreproducer (bundle)source
zcash zebra_rpc_premature_disconnect_crash lab reverse-engineered-cve zebra_rpc_premature_disconnect_crash CVE-2026-41585 / GHSA-29x4-r6jv-ff4w https://github.com/ZcashFoundation/zebra/security/advisories/GHSA-29x4-r6jv-ff4w (Zebra JSON-RPC HTTP middleware: DoS via interrupted/truncated request body from an authenticated client)

related (connection_exhaustion)

cite

https://nrdax.com/techniques/NRDAX-T0145

plain

NRDAX Registry. Technique NRDAX-T0145.

bibtex
@misc{nrdax_NRDAX_T0145,
  title = {Malformed HTTP Body Crash (NRDAX-T0145)},
  howpublished = {NRDAX Registry},
  url = {https://nrdax.com/techniques/NRDAX-T0145},
}
json (csl)
{
  "id": "nrdax-NRDAX-T0145",
  "type": "dataset",
  "title": "Malformed HTTP Body Crash (NRDAX-T0145)",
  "URL": "https://nrdax.com/techniques/NRDAX-T0145",
  "publisher": "NRDAX Registry"
}