CVE-2025-66559

Vulnerability Description

Taiko Alethia is an Ethereum-equivalent, permissionless, based rollup designed to scale Ethereum without compromising its fundamental properties. In 2.3.1 and earlier, TaikoInbox._verifyBatches (packages/protocol/contracts/layer1/based/TaikoInbox.sol:627-678) advanced the local tid to whatever transition matched the current blockHash before knowing whether that batch would actually be verified. When the loop later broke (e.g., cooldown window not yet passed or transition invalidated), the function still wrote that newer tid into batches[lastVerifiedBatchId].verifiedTransitionId after decrementing batchId. Result: the last verified batch could end up pointing at a transition index from the next batch (often zeroed), corrupting the verified chain pointer.

Related Weaknesses (CWE)

References

• https://github.com/taikoxyz/taiko-mono/commit/379f5cb4ffe9e1945563ab2c7740bc9f4e
• https://github.com/taikoxyz/taiko-mono/security/advisories/GHSA-5mxh-r33p-6h5x

FAQ

What is CVE-2025-66559?

CVE-2025-66559 is a documented vulnerability. Taiko Alethia is an Ethereum-equivalent, permissionless, based rollup designed to scale Ethereum without compromising its fundamental properties. In 2.3.1 and earlier, TaikoInbox._verifyBatches (packa...

How severe is CVE-2025-66559?

CVSS scoring is not yet available for CVE-2025-66559. Check NVD for updates.

Is there a patch for CVE-2025-66559?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.