How is CVE-2026-45137 exploited?

Network reachability (required): The vulnerable program is exposed over the network, allowing a remote attacker to submit crafted transactions without any need for local or physical access. Authentication (not-required): No credentials or account privileges are needed; any unauthenticated party able to submit transactions to the Solana program can trigger the vulnerability. Victim interaction (not-required): Exploitation is fully attacker-driven; no action from a legitimate user or administrator is needed to complete the attack. Attack complexity (info): The exploit is reliable and condition-free: the attacker simply passes a chosen executable account in place of the system program, with no race conditions or special environmental setup required.

What is the impact of CVE-2026-45137?

An attacker substitutes an arbitrary executable program for the expected system program, gaining the ability to execute cross-program invocations under the calling program's authority. Payment or transfer logic that relies on CPI calls to the system program can be bypassed, allowing an attacker to avoid fees or redirect funds. Confidential state exposed through the misconfigured CPI path can be read by the attacker, resulting in partial disclosure of on-chain account data (CVSS C:L). Integrity of on-chain state managed through system program instructions is compromised, as the attacker controls which program actually executes those operations (CVSS I:H).

Back to search

HIGHCVE-2026-45137Published 2026-05-27Modified 2026-05-28CNA GitHub_M

CVE-2026-45137: Anchor: Program<'info, System> is not properly validated

Q: Is CVE-2026-45137 patched?

Because no fix version has been published upstream, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment Anchor 1.0.2 or a later fix is released. In the interim, customers can use HarborGuard policy controls to flag or block any image containing the affected Anchor version range.

Anchor is a framework providing several convenient developer tools for writing Solana programs. From 1.0.0 to before 1.0.2, an logic error causes anchor programs to accept any program id when requiring the system program id, causing false assumptions resulting in potential arbitrary cpi in programs that invoke system program instructions. In the TryFrom<&'a AccountInfo<'a>> implementation for Program<'a, T>, the id of T is compared with Pubkey::default() to check whether anchor should allow any executable account, or a specific account, because when no T is supplied, T defaults to (), which implements Id::id() by returning Pubkey::default(). This results in T = () and T = System (which has Pubkey::default() as the id) having the same behavior, both allow any executable account. Programs built with anchor assume that the anchor runtime verifies passed in programs of type Program<'a, System> are in fact the system program. This false assumption can lead to arbitrary CPI or payment bypassing when programs try making CPI calls to the system program using the passed in system program due to the fact that the attacker can pass in any program instead of the system program. This vulnerability is fixed in 1.0.2.

HarborGuard Analysis

HarborGuard analysis

Synopsis

A logic error in the Anchor framework for Solana program development causes Program<'info, System> account validation to accept any executable account instead of strictly requiring the system program. The flaw is reachable over the network with no authentication required, as described by the CVSS vector (AV:N/AC:L/PR:N/UI:N). Successful exploitation allows an attacker to substitute a malicious program for the system program, enabling arbitrary cross-program invocations (CPI) or bypassing payment checks within any affected Anchor-based Solana program. No fix version has been published upstream yet; HarborGuard tracks the advisory and will make a patched-image rebuild available as soon as a fix is released.

HarborGuard Coverage

Detection

Detection for CVE-2026-45137 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against customer images in connected registries and CI/CD pipelines, including custom-built images that bundle the affected versions of the Anchor framework (>= 1.0.0, < 1.0.2).

Available

Triage

Triage is available using the CVSS 3.1 base score of 8.2 (HIGH), weighted further by each environment's compliance policy to surface the finding to the appropriate team inbox inside each customer organization.

Available

Patch

Because no fix version has been published upstream, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment Anchor 1.0.2 or a later fix is released. In the interim, customers can use HarborGuard policy controls to flag or block any image containing the affected Anchor version range.

Pending upstream

Exploit Conditions

Network reachabilityRequired
The vulnerable program is exposed over the network, allowing a remote attacker to submit crafted transactions without any need for local or physical access.
AuthenticationNot required
No credentials or account privileges are needed; any unauthenticated party able to submit transactions to the Solana program can trigger the vulnerability.
Victim interactionNot required
Exploitation is fully attacker-driven; no action from a legitimate user or administrator is needed to complete the attack.
Attack complexityDetail
The exploit is reliable and condition-free: the attacker simply passes a chosen executable account in place of the system program, with no race conditions or special environmental setup required.

Blast Radius

An attacker substitutes an arbitrary executable program for the expected system program, gaining the ability to execute cross-program invocations under the calling program's authority.
Payment or transfer logic that relies on CPI calls to the system program can be bypassed, allowing an attacker to avoid fees or redirect funds.
Confidential state exposed through the misconfigured CPI path can be read by the attacker, resulting in partial disclosure of on-chain account data (CVSS C:L).
Integrity of on-chain state managed through system program instructions is compromised, as the attacker controls which program actually executes those operations (CVSS I:H).

How HarborGuard Handles This

Available on HarborGuard: because no upstream fix exists for CVE-2026-45137 at this time, the platform re-evaluates the advisory on every ingest cycle and will trigger a patched-image rebuild automatically once Anchor 1.0.2 or a subsequent fix version is published. For customers who opt into auto-remediation, that rebuild will be followed by a regression-test run and a PR opened against affected workloads as soon as the fix is available. In the meantime, customers can apply network-policy isolation to restrict which callers can submit transactions to Anchor-based programs, and use HarborGuard pipeline gates to block promotion of any image containing Anchor >= 1.0.0, < 1.0.2 into production environments. Where compliance policy permits, alert routing is available to direct this HIGH-severity finding to the relevant team inbox without delay.

See how HarborGuard automates this

CVSS v3.1: 8.2
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

solana-foundation / anchor
>= 1.0.0, < 1.0.2

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

References

https://github.com/otter-sec/anchor/security/advisories/GHSA-c6rc-8jpp-2fgc