In January 2026, a severe vulnerability was discovered in Bitcoin Core versions 30.0 and 30.1. The issue could be triggered when migrating an older wallet.dat file while the software's pruning function was enabled, potentially causing file deletion and the loss of funds. This critical flaw underscored how even new software versions must be carefully audited for interactions with legacy file formats.
Automated security scanning increases; Bitcoin Core shifts toward descriptor wallets; cloud hosts patch legacy default setups. Negligible (Patched)
The development community began to steer the ecosystem away from this habit. With Bitcoin Core , they made a major change: the client no longer automatically creates a default wallet.dat file. This change is subtle but effective. The absence of a default file forces users to think more carefully about the security of their wallets, making them less likely to simply accept the default file name wallet.dat . indexofwalletdat patched
The wallet.dat file is the backbone of a Bitcoin Core or similar cryptocurrency wallet. It is not just a simple text file; it's a Berkeley database (BDB) that contains all the essential information needed to access and manage your funds. Inside this critical file lies the key to your cryptocurrency vault:
Devices like Ledger or Trezor keep your private keys offline, making "indexof" exploits physically impossible. In January 2026, a severe vulnerability was discovered
[User Backs Up Crypto Wallet] ──> [Places wallet.dat in public_html/backup/] │ ▼ [Web Server Misconfiguration] ──> Directory Listing Enabled (No index.php) │ ▼ [Search Engine Web Crawler] ──> Indexes the page as "Index of /backup" │ ▼ [Malicious Actor] ──> Executes Google Dork ──> Downloads File
This vulnerability was considered serious enough that the Bitcoin Core project pulled the binaries for versions 30.0 and 30.1 from its official download site. The patch was urgently released in version , and users were strongly advised not to use the wallet migration tool until they had upgraded to the fixed version. This change is subtle but effective
In the rapidly evolving landscape of digital finance, security threats are becoming increasingly sophisticated. The recent discovery and subsequent patching of the vulnerability marked a critical moment for crypto wallet security in early 2026 . This vulnerability specifically targeted how wallet applications index and store sensitive user data, creating a pathway for unauthorized access.
The ListWalletDir function, which is responsible for finding all wallets in a directory, had its own issues. One notable patch in Pull Request #19502 focused on soft-failing exceptions to prevent a bug from crashing the entire node. Furthermore, path traversal vulnerabilities, where an attacker could specify a file path to overwrite critical system files, were identified and patched in various crypto frameworks.