CVE-2026-45137 | solana-foundation anchor up to 1.0.1 CPI Call Pubkey::default comparison (GHSA-c6rc-8jpp-2fgc)

SecurityVulns

A vulnerability identified as critical has been detected in solana-foundation anchor up to 1.0.1. This issue affects the function Pubkey::default of the component CPI Call Handler. The manipulation leads to incorrect comparison.

This vulnerability is uniquely identified as CVE-2026-45137. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More