Cosmos: Economic DoS (Griefing) on IBC Relayers via `memo` Callback Gas Exploitation

Summary of Impact This vulnerability allows an attacker to bypass the relayer's simulation defense and force permissionless relayers to execute computationally expensive, but 'successful', transactions via the memo callback feature. This creates an asymmetric economic attack where the relayer's...

EUVD-2025-29377

Malicious code in bioql PyPI...

EUVD-2025-29368

Malicious code in bioql PyPI...

Deserialization of Untrusted Data

Overview github.com/cosmos/ibc-go/v10/modules/core/04-channel/keeper is an interblockchain communication protocol IBC implementation in Golang built as a SDK module. Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to inconsistencies in the deserialization...

GO-2022-1066 Potential inter-blockchain communication (IBC) protocol compromise via "Dragonberry" vulnerability in cheqd in github.com/cheqd/cheqd-node

Potential inter-blockchain communication IBC protocol compromise via "Dragonberry" vulnerability in cheqd in github.com/cheqd/cheqd-node...

GO-2024-2874 Inter-Blockchain Communication (IBC) protocol "Huckleberry" vulnerability in github.com/cosmos/ibc-go

The ibc-go module is affected by the Inter-Blockchain Communication IBC protocol "Huckleberry" vulnerability. The vulnerability allowed an attacker to send arbitrary transactions onto target chains and trigger arbitrary state transitions, including but not limited to, theft of funds. It was...

Weak Encryption

github.com/cheqd/cheqd-node is vulnerable to weak encryption. The vulnerability exists in package-lock.json because it does not properly validate the inter-blockchain communication protocol...

PT-2023-33077 · Ibc-Go · Ibc-Go

Name of the Vulnerable Software and Affected Versions: ibc-go module affected versions not specified Description: The issue is related to the Inter-Blockchain Communication IBC protocol, specifically the "Huckleberry" vulnerability. Recommendations: At the moment, there is no information about a...

Potential inter-blockchain communication (IBC) protocol compromise via "Dragonberry" vulnerability in cheqd

Impact This vulnerability affects IBC transfers due to a security vulnerability dubbed "Dragonberry" upstream in Cosmos SDK. The vulnerability could allow malicious attackers to compromise chain-to-chain IBC transfers. There is no vulnerability in the DID/resource modules for cheqd-node. Patches...