3 matches found
CVE-2026-X4992-Uniswap-PoC
CVE-2026-X4992: Uniswap V3 SwapRouter Reentrancy Vulnerability...
Malicious user can drain the Singularity contract of it's liquidity
Lines of code Vulnerability details Impact The SGLCollateral contract has functionality to allow users to remove and add collateral for the Singularity market. The addCollateral function accepts a skim parameter that, if defined as true, will cause the internal addTokens function to assert that t...
Vault does not normalize decimal on withdrawing
Handle jonah1005 Vulnerability details Impact The vault does not normalize decimals when a user withdraws the token. When a user has 100e18 shares, he can withdraw all usdc/ usdt from the token. The liquidity of USDC/USDC would be drained. I consider this is a high-risk issue. Proof of Concept...