diff --git a/src/Makefile.test.include b/src/Makefile.test.include
--- a/src/Makefile.test.include
+++ b/src/Makefile.test.include
@@ -49,6 +49,7 @@
   test/fuzz/service_deserialize \
   test/fuzz/spanparsing \
   test/fuzz/sub_net_deserialize \
+  test/fuzz/timedata \
   test/fuzz/transaction \
   test/fuzz/tx_in_deserialize \
   test/fuzz/txoutcompressor_deserialize \
@@ -450,6 +451,12 @@
 test_fuzz_blocktransactionsrequest_deserialize_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
 test_fuzz_blocktransactionsrequest_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON)
 
+test_fuzz_timedata_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
+test_fuzz_timedata_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
+test_fuzz_timedata_LDADD = $(FUZZ_SUITE_LD_COMMON)
+test_fuzz_timedata_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
+test_fuzz_timedata_SOURCES = $(FUZZ_SUITE) test/fuzz/timedata.cpp
+
 test_fuzz_transaction_SOURCES = $(FUZZ_SUITE) test/fuzz/transaction.cpp
 test_fuzz_transaction_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
 test_fuzz_transaction_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
diff --git a/src/test/fuzz/CMakeLists.txt b/src/test/fuzz/CMakeLists.txt
--- a/src/test/fuzz/CMakeLists.txt
+++ b/src/test/fuzz/CMakeLists.txt
@@ -56,6 +56,7 @@
 	script
 	script_flags
 	spanparsing
+	timedata
 	transaction
 )
 
diff --git a/src/test/fuzz/timedata.cpp b/src/test/fuzz/timedata.cpp
new file mode 100644
--- /dev/null
+++ b/src/test/fuzz/timedata.cpp
@@ -0,0 +1,33 @@
+// Copyright (c) 2020 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include <test/fuzz/FuzzedDataProvider.h>
+#include <test/fuzz/fuzz.h>
+#include <test/fuzz/util.h>
+#include <timedata.h>
+
+#include <cstdint>
+#include <string>
+#include <vector>
+
+void test_one_input(const std::vector<uint8_t> &buffer) {
+    FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
+    const unsigned int max_size =
+        fuzzed_data_provider.ConsumeIntegralInRange<unsigned int>(0, 1000);
+    // Divide by 2 to avoid signed integer overflow in .median()
+    const int64_t initial_value =
+        fuzzed_data_provider.ConsumeIntegral<int64_t>() / 2;
+    CMedianFilter<int64_t> median_filter{max_size, initial_value};
+    while (fuzzed_data_provider.remaining_bytes() > 0) {
+        (void)median_filter.median();
+        assert(median_filter.size() > 0);
+        assert(static_cast<size_t>(median_filter.size()) ==
+               median_filter.sorted().size());
+        assert(static_cast<unsigned int>(median_filter.size()) <= max_size ||
+               max_size == 0);
+        // Divide by 2 to avoid signed integer overflow in .median()
+        median_filter.input(fuzzed_data_provider.ConsumeIntegral<int64_t>() /
+                            2);
+    }
+}