BitcoinWorld Bitcoin Core quietly patched a memory bug, but 43% of nodes may still be vulnerable Bitcoin Core, the primary software client used to run full Bitcoin nodes, has disclosed that it quietly patched a memory stability bug in version 29.0, released in April 2025. The bug, which could have been exploited to target miners, was fixed without public fanfare, raising questions about the security posture of the network. The bug and its scope According to reporting by The Block, the vulnerability was a memory handling issue within the node software. It did not affect the Bitcoin consensus algorithm and could not be used to alter the blockchain or create coins. However, it could have been leveraged to disrupt mining operations by causing instability in nodes running the affected software. The fix was included in Bitcoin Core version 29.0, and support for the vulnerable 28.x version line ended on April 19, 2026. This means that nodes still running 28.x or earlier are no longer receiving security updates and remain exposed to the bug. Why 43% of nodes matter Data from node monitoring services suggests that approximately 43% of reachable Bitcoin nodes are still running software older than version 29.0. This large percentage represents a significant portion of the network’s infrastructure. While the bug does not threaten the integrity of the blockchain itself, it poses a stability risk for individual node operators and, by extension, the miners who rely on a healthy node network. For context, Bitcoin nodes validate transactions and blocks, relay information across the network, and provide the backbone for decentralized consensus. A widespread instability event, even if temporary, could affect transaction propagation and mining efficiency. What node operators should do Node operators running version 28.x or earlier are strongly advised to upgrade to the latest version of Bitcoin Core. The upgrade process is straightforward and does not require a full blockchain resync. Operators should verify their version and update as soon as possible to ensure they are protected against this and any other bugs patched in subsequent releases. Implications for network security The quiet patching of this bug is not unusual in open-source software development. Many critical fixes are deployed without public disclosure until a later date or until a significant portion of the network has upgraded. However, the disclosure now highlights the ongoing challenge of node upgrade adoption. Even with a clear fix available, a large fraction of the network remains on outdated software, creating a latent risk. This incident underscores the importance of regular software maintenance for node operators and the need for clearer communication from development teams about security-relevant updates. It also serves as a reminder that the security of the Bitcoin network depends not only on the code but on the diligence of its operators. Conclusion The memory bug in Bitcoin Core was real but limited in scope. It has been patched for over a year, yet a substantial portion of the network has not upgraded. Node operators should treat this as a call to action: update to the latest version of Bitcoin Core to maintain network health and personal security. The broader lesson is that decentralized networks require active participation from their users to remain resilient. FAQs Q1: Does this bug affect Bitcoin’s consensus or the blockchain itself? No. The bug was a memory stability issue in the node software. It did not affect the consensus algorithm and could not be used to alter the blockchain or create fraudulent transactions. Q2: How do I check which version of Bitcoin Core I am running? You can check your version by running bitcoind --version or bitcoin-cli --version from the command line. The version number will be displayed in the output. Q3: Is it safe to continue running version 28.x? No. Support for version 28.x ended on April 19, 2026. Running outdated software exposes your node to known vulnerabilities, including this memory bug. Upgrading to the latest version is strongly recommended. This post Bitcoin Core quietly patched a memory bug, but 43% of nodes may still be vulnerable first appeared on BitcoinWorld .
