We are pleased to announce the release of mwc-node 3.0.0. It is important that all full nodes be upgraded to mwc-node 3.0.0: https://github.com/mwcproject/mwc-node/releases/tag/3.0.0
The Grin developers notified us of a CVE (https://github.com/mimblewimble/grin-security/blob/master/CVEs/CVE-2020-6638.md) shortly after publicly disclosing it. While this vulnerability cannot harm the Grin network because after their hard fork all full nodes have the fix, the MWC network is susceptible to this vulnerability and therefore all full nodes MUST be upgraded immediately. Fortunately, we had already started work on the rebase to Grin 3.0.0, which has a fix to this problem, and once we were notified we immediately released the rebased version. We quietly ensured all mining pools and exchanges had upgraded to 3.0.0 and are now publicly announcing this update.
We thank the Grin developers for notifying us.