PANews reported on September 20 that, according to Protos, Bitcoin Core developers have issued a new high-severity warning that one in six Bitcoin nodes has a software vulnerability. On Thursday, maintainers of the open source Bitcoin Core project, which is responsible for the software running on more than 98% of reachable full nodes, disclosed a major security issue in the software running on 17% of the network's nodes. Specifically, every Bitcoin Core release below version 24.0.1 is affected. According to Bitnodes' monitoring estimates, this denial-of-service vulnerability affects approximately 3,330 of the 19,200 reachable Bitcoin full nodes, based on the user agent each node advertises.

In Bitcoin Core releases before version 24.0.1, a malicious actor could spam a node with low-difficulty header chains. By forcing the node to download and store extremely long header chains, the attack could crash it by exhausting bandwidth or disk space. Developers fixed this vulnerability in Bitcoin Core pull request (PR) 25717, which shipped with the release of v24.0.1 on December 12, 2022. The current Bitcoin Core release (now 27.1) contains fixes for this and other vulnerabilities.

While the vulnerability is fairly severe, there are few known exploits on the public record. Because generating and broadcasting a block header chain long enough to perform a denial-of-service attack is quite costly, the vulnerability offers little financial benefit to an attacker. It could, however, be exploited by an extremely wealthy, powerful, or technologically advanced entity (such as a nation-state) that wants to disrupt Bitcoin operations for non-financial reasons or for financial gain that is not immediate. In early June, developers agreed to disclose serious vulnerabilities in the Bitcoin Core software that had been patched for at least 18 months. Initially, they disclosed vulnerabilities in versions 20 and below; every few weeks since, they have disclosed more. Unless Bitcoin node operators update their software, up to 17% of the network's nodes remain at risk of denial-of-service attacks.
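The affected-node estimate above is derived from the version string each node advertises, and an operator can apply the same check to their own node. The following script is an added example written for this article, not code from Bitcoin Core or from Bitnodes. It assumes only the publicly documented facts that Bitcoin Core advertises itself as `/Satoshi:<version>[(comment)]/` and that `bitcoin-cli getnetworkinfo` reports that string in its `subversion` field; the list of user agents and the JSON document are constructed sample data, not real network measurements.

```python
import json
import re
from collections import Counter

# First Bitcoin Core release carrying the headers-sync fix from PR 25717.
FIXED_VERSION = (24, 0, 1)

# Bitcoin Core advertises "/Satoshi:<version>[(comment)]/". Other implementations
# (btcd, bcoin, ...) use different names and are outside the scope of this advisory.
_CORE_AGENT = re.compile(r"/Satoshi:(\d+(?:\.\d+)*)(?:\([^)]*\))?/")


def parse_core_version(user_agent):
    """Return a Bitcoin Core version as a 3-tuple of ints, or None for non-Core agents.

    Pre-22.0 releases were numbered 0.x.y, so (0, 21, 1) sorts below (24, 0, 1)
    with no special casing.
    """
    match = _CORE_AGENT.search(user_agent)
    if match is None:
        return None
    parts = [int(p) for p in match.group(1).split(".")]
    # Normalise "24.0" to (24, 0, 0); drop anything beyond the third component.
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_vulnerable(user_agent):
    """True only for Bitcoin Core agents older than 24.0.1."""
    version = parse_core_version(user_agent)
    return version is not None and version < FIXED_VERSION


def summarize(user_agents):
    """Bucket a list of advertised user agents into patched / vulnerable / other."""
    counts = Counter()
    for agent in user_agents:
        version = parse_core_version(agent)
        if version is None:
            counts["other"] += 1
        elif version < FIXED_VERSION:
            counts["vulnerable"] += 1
        else:
            counts["patched"] += 1
    return dict(counts)


def check_local_node(getnetworkinfo_json):
    """Given the JSON text of `bitcoin-cli getnetworkinfo`, report whether the
    local node is below the fixed version."""
    info = json.loads(getnetworkinfo_json)
    return is_vulnerable(info["subversion"])


# Constructed sample data: a handful of user agents as a crawler might collect them.
SAMPLE_USER_AGENTS = [
    "/Satoshi:27.1.0/",
    "/Satoshi:25.0.0/",
    "/Satoshi:24.0.1/",                 # exactly the fixed release: patched
    "/Satoshi:23.0.0/",                 # one release short of the fix: vulnerable
    "/Satoshi:0.21.1/",                 # pre-22.0 numbering scheme: vulnerable
    "/Satoshi:22.0.0(example-comment)/",  # comment suffix must not break parsing
    "/btcwire:0.5.0/btcd:0.24.0/",      # not Bitcoin Core: not covered by this advisory
]

# Constructed sample of the only field this check needs from getnetworkinfo.
SAMPLE_GETNETWORKINFO = '{"version": 230000, "subversion": "/Satoshi:23.0.0/"}'

if __name__ == "__main__":
    print(summarize(SAMPLE_USER_AGENTS))
    print("local node below 24.0.1:", check_local_node(SAMPLE_GETNETWORKINFO))
```

On a real node, pipe `bitcoin-cli getnetworkinfo` into `check_local_node`; anything reported as vulnerable should be upgraded to the current release, since the fix is only present from 24.0.1 onward.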