3 matches found
CVE-2026-42297 Argo Workflows Is Missing Authorization in Sync ConfigMap Provider
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to before version 4.0.5, the Sync Service's ConfigMap-backed provider server/sync/synccm.go performs zero authorization checks on all CRUD operations create, read,...
Remove the withdrawOtherToken function (phishing)
Lines of code Vulnerability details Impact This function can be only called by admins. Remove the withdrawOtherToken function to prevent you from phishing attacks. Proof 1. Attacker will send the fake tokens to your contract address. 2. Now there are 100% chances, admin of vesting contract will b...
USING SYMBOL FOR TOKEN IDENTIFICATION
Lines of code Vulnerability details Impact Proof of Concept An exploiter may create a fake tokens whose symbols are cNOTE, cUSDT or cUSDC. When somebody call computrolle’s liquidateCalculateSeizeTokens ,it will give an unlisted token with other token's it can be unlisted token or listed token...