CVE-2025-65548

CVE-2025-65548 is a vulnerability in the nutshell implementation (cashubtc/nuts) prior to version 0.18.0, stemming from NUT-14's support for creating Cashu tokens backed by a preimage hash. When such a token is spent, the mint stores the provided preimage without validating its size, enabling attackers to supply arbitrarily large data. This leads to denial-of-service via exhaustion of the mint's database and disk storage. The issue is rated at CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) and maps to CWE-1284 (Improper Validation of Specified Quantity in Input).

The vulnerability is exploitable remotely by unauthenticated attackers (PR:N) with low complexity over the network (AV:N). An attacker can create a Cashu token with a preimage hash, then redeem it by submitting an oversized preimage, causing the mint to store excessive data and potentially crash or render the service unavailable due to storage depletion. The high confidentiality and integrity impacts per CVSS suggest potential for data exposure or corruption alongside the storage DoS.

Advisories reference public disclosures on Bitcointalk and Delving Bitcoin detailing the denial-of-service via HTLC in Cashu, along with NUT specifications in GitHub (nuts/07.md and 14.md). Mitigation involves upgrading nutshell to version 0.18.0 or later, which presumably adds preimage size validation, as the flaw affects only prior releases.