EUVD-2025-29368

Malicious code in bioql PyPI...

GO-2025-3520 cheqd-node Security patch for upstream vulnerabilities in IBC-Go (ISA-2025-001) and Cosmos SDK (ISA-2025-002) in github.com/cheqd/cheqd-node

cheqd-node Security patch for upstream vulnerabilities in IBC-Go ISA-2025-001 and Cosmos SDK ISA-2025-002 in github.com/cheqd/cheqd-node. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causin...

GHSA-H2RP-8VPX-Q9R4 cheqd-node Security patch for upstream vulnerabilities in IBC-Go (ISA-2025-001) and Cosmos SDK (ISA-2025-002)

Description There have been two upstream security advisories and associated patches published under ISA-2025-001 and ISA-2025-002. ISA-2025-001 affects the IBC-Go package., where non-deterministic JSON unmarshalling of IBC Acknowledgements can result in a chain halt. ISA-2025-002 affects the Cosm...

GO-2025-3514 cheqd-node affected by Non-deterministic JSON Unmarshalling of IBC Acknowledgement in github.com/cheqd/cheqd-node

cheqd-node affected by Non-deterministic JSON Unmarshalling of IBC Acknowledgement in github.com/cheqd/cheqd-node. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive report...

cheqd-node affected by Non-deterministic JSON Unmarshalling of IBC Acknowledgement

Description An issue was discovered in IBC-Go's deserialization of acknowledgements that results in non-deterministic behavior which can halt a chain. Any user that can open an IBC channel can introduce this state to the chain. This an upstream dependency used in cheqd-node, rather than a custom...

GHSA-33CR-M232-XQCH cheqd-node affected by Non-deterministic JSON Unmarshalling of IBC Acknowledgement

Description An issue was discovered in IBC-Go's deserialization of acknowledgements that results in non-deterministic behavior which can halt a chain. Any user that can open an IBC channel can introduce this state to the chain. This an upstream dependency used in cheqd-node, rather than a custom...

IBC Hijack

github.com/cheqd/cheqd-node is vulnerable to IBC hijack. The vulnerability is due to improper handling or validation within the IBC transfer mechanism, allows an attacker to compromise the security of chain-to-chain IBC transfers...

cheqd-node subject to Cosmos SDK "Barberry" vulnerability

Impact This vulnerability dubbed "Barberry" affects the Cosmos SDK framework used by cheqd-node as base. It impacts the way Cosmos SDK handles vesting accounts, and can therefore be a high-impact vulnerability for any network running the framework. There is no vulnerability in the DID/resource...

GHSA-8QXH-2GH8-R923 cheqd-node subject to Cosmos SDK "Barberry" vulnerability

Impact This vulnerability dubbed "Barberry" affects the Cosmos SDK framework used by cheqd-node as base. It impacts the way Cosmos SDK handles vesting accounts, and can therefore be a high-impact vulnerability for any network running the framework. There is no vulnerability in the DID/resource...

cheqd-node affected by Inter-blockchain Communication (IBC) protocol "Huckleberry" vulnerability

Impact This vulnerability affects the ibc-go package for those running full nodes, dubbed "Huckleberry". According to their advisory: This issue is low-severity in general, and it has a low impact and likelihood of exploitation. Depending on how a full node is architected, this issue could...

GHSA-7C94-GVVJ-R3MG cheqd-node affected by Inter-blockchain Communication (IBC) protocol "Huckleberry" vulnerability

Impact This vulnerability affects the ibc-go package for those running full nodes, dubbed "Huckleberry". According to their advisory: This issue is low-severity in general, and it has a low impact and likelihood of exploitation. Depending on how a full node is architected, this issue could...

PT-2023-32988 · Unknown +1 · Cheqd-Node +1

Name of the Vulnerable Software and Affected Versions: ibc-go versions prior to v6.1.1 cheqd-node versions prior to v1.4.2 Description: This issue has a low severity in general, with low impact and likelihood of exploitation. However, depending on the full node architecture, it could potentially...

GHSA-J92C-MMF7-J5X5 Potential inter-blockchain communication (IBC) protocol compromise via "Dragonberry" vulnerability in cheqd

Impact This vulnerability affects IBC transfers due to a security vulnerability dubbed "Dragonberry" upstream in Cosmos SDK. The vulnerability could allow malicious attackers to compromise chain-to-chain IBC transfers. There is no vulnerability in the DID/resource modules for cheqd-node. Patches...

Potential inter-blockchain communication (IBC) protocol compromise via "Dragonberry" vulnerability in cheqd

Impact This vulnerability affects IBC transfers due to a security vulnerability dubbed "Dragonberry" upstream in Cosmos SDK. The vulnerability could allow malicious attackers to compromise chain-to-chain IBC transfers. There is no vulnerability in the DID/resource modules for cheqd-node. Patches...