4 matches found
EUVD-2026-27386
In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requests. An unauthenticated remote attacker can exploit this design flaw to force the BaSyx server to execute blind HTTP POST requests to...
Technitium DNS Server 安全漏洞
Technitium DNS Server is an open-source authoritative and recursive DNS server developed by the Technitium team. It can be used as a self-hosted DNS server to protect privacy and security. Versions of Technitium DNS Server prior to version 15.0 contained security vulnerabilities, which were cause...
User can have full voting power with virtually no lockup using multiple locks and delegation
Lines of code Vulnerability details Impact User receives voting power of max lock but only locks for a minimal amount of time Proof of Concept In VotingEscrow.solcheckpoint, the duration of the delegatee and the total delegated tokens are used to determine the amount of voting power that a lock...
A NFT can be delegated to many NFTS
Lines of code Vulnerability details In VoteEscrowDelegation.sol in the function delegate, there is no check about if the tokenId NFT has already been delegated. Thus is it possible to delegate voting power multiple time. It's even possible to self delegate tokenId = toTokenId multiple times. By...