975 matches found
CVE-2025-46834
Alchemy's Modular Account is a smart contract account that is compatible with ERC-4337 and ERC-6900. In versions on the 2.x branch prior to commit 5e6f540d249afcaeaf76ab95517d0359fde883b0, owners of Modular Accounts can grant session keys scoped external keys to external parties and would use the...
CVE-2025-46834 Alchemy's Modular Account can use executeUserOp to bypass allowlist prevalidation hook
Alchemy's Modular Account is a smart contract account that is compatible with ERC-4337 and ERC-6900. In versions on the 2.x branch prior to commit 5e6f540d249afcaeaf76ab95517d0359fde883b0, owners of Modular Accounts can grant session keys scoped external keys to external parties and would use the...
CVE-2025-46834 Alchemy's Modular Account can use executeUserOp to bypass allowlist prevalidation hook
Alchemy's Modular Account is a smart contract account that is compatible with ERC-4337 and ERC-6900. In versions on the 2.x branch prior to commit 5e6f540d249afcaeaf76ab95517d0359fde883b0, owners of Modular Accounts can grant session keys scoped external keys to external parties and would use the...
CVE-2025-46834
Summary: CVE-2025-46834 concerns Alchemy’s Modular Account (2.x branch) prior to commit 5e6f540d249afcaeaf76ab95517d0359fde883b0, where the allowlist module fails to check the path from executeUserOp to execute or executeBatch. This gap permits any session key to bypass access controls and access...
CVE-2025-46834 Alchemy's Modular Account can use executeUserOp to bypass allowlist prevalidation hook
Alchemy's Modular Account is a smart contract account that is compatible with ERC-4337 and ERC-6900. In versions on the 2.x branch prior to commit 5e6f540d249afcaeaf76ab95517d0359fde883b0, owners of Modular Accounts can grant session keys scoped external keys to external parties and would use the...
CVE-2025-24007
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System MSS All versions, SIRIUS Safety Relays 3SK2 All versions. Affected devices only provide weak password obfuscation. An attacker with network access could retrieve and de-obfuscate the safety password used for protection again...
Implementation of Shor Algorithm: Factoring a 4096-Bit Integer under Specific Constraints
In recent years, advancements in quantum chip technology, such as Willow, have contributed to reducing quantum computation error rates, potentially accelerating the practical adoption of quantum computing. As a result, the design of quantum algorithms suitable for real-world applications has beco...
PT-2025-21362 · Unknown · Modular Account De Alchemy
Name of the Vulnerable Software and Affected Versions: Modular Account de Alchemy versions prior to commit 5e6f540d249afcaeaf76ab95517d0359fde883b0 Description: The issue concerns a bug in the allowlist module of Modular Account de Alchemy, which is compatible with ERC-4337 and ERC-6900. This bug...
Modular Account 安全漏洞
Modular Account is an open source application from Alchemy. A security vulnerability exists in Modular Account that stems from the allowlist module not checking the executeUserOp path, which could lead to bypassing access control restrictions...
CVE-2025-24008
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System MSS All versions, SIRIUS Safety Relays 3SK2 All versions. The affected devices do not encrypt data in transit. An attacker with network access could eavesdrop the connection and retrieve sensitive information, including...
CVE-2025-24009
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System MSS All versions, SIRIUS Safety Relays 3SK2 All versions. The affected devices do not require authentication to access critical resources. An attacker with network access could retrieve sensitive information from certain dat...
PT-2025-20848 · Siemens · Sirius 3Rk3 Modular Safety System +1
Name of the Vulnerable Software and Affected Versions: SIRIUS 3RK3 Modular Safety System MSS All versions SIRIUS Safety Relays 3SK2 All versions Description: A vulnerability has been identified where affected devices only provide weak password obfuscation. An attacker with network access could...
Siemens SIRIUS 3RK3 Modular Safety System和Siemens SIRIUS Safety Relays 3SK2 安全漏洞
Siemens SIRIUS 3RK3 Modular Safety System and Siemens SIRIUS Safety Relays 3SK2 are both products of Siemens, Germany.Siemens SIRIUS 3RK3 Modular Safety System is a modular safety control system. Siemens SIRIUS Safety Relays 3SK2 is a safety relay. A security vulnerability exists in the Siemens...
PT-2025-20850 · Siemens · Sirius 3Rk3 Modular Safety System +1
Name of the Vulnerable Software and Affected Versions: SIRIUS 3RK3 Modular Safety System MSS All versions SIRIUS Safety Relays 3SK2 All versions Description: A vulnerability has been identified where the affected devices do not require authentication to access critical resources. An attacker with...
Meta Launches LlamaFirewall Framework to Stop AI Jailbreaks, Injections, and Insecure Code
Meta on Tuesday announced LlamaFirewall , an open-source framework designed to secure artificial intelligence AI systems against emerging cyber risks such as prompt injection, jailbreaks, and insecure code, among others. The framework, the company said, incorporates three guardrails, including...
Low Latency FPGA Implementation of Twisted Edward Curve Cryptography Hardware Accelerator over Prime Field
The performance of any elliptic curve cryptography hardware accelerator significantly relies on the efficiency of the underlying point multiplication PM architecture. This article presents a hardware implementation of field-programmable gate array FPGA based modular arithmetic, group operation, a...
GHSA-WFM2-RQ5G-F8V5 @account-kit/smart-contracts Allowlist Module Bypass Vulnerability
Summary Allowlist module contains a bypass vulnerability Details The logic for using an allowlist on a Modular Account V2 contained a bug that allowed session keys to bypass any allowlist configuration Action If you are using @aa-sdk and/or @account-kit/smart-contracts between the versions of...
@account-kit/smart-contracts Allowlist Module Bypass Vulnerability
Summary Allowlist module contains a bypass vulnerability Details The logic for using an allowlist on a Modular Account V2 contained a bug that allowed session keys to bypass any allowlist configuration Action If you are using @aa-sdk and/or @account-kit/smart-contracts between the versions of...
PT-2025-19429 · Npm · @Account-Kit/Smart-Contracts
Summary Allowlist module contains a bypass vulnerability Details The logic for using an allowlist on a Modular Account V2 contained a bug that allowed session keys to bypass any allowlist configuration Action If you are using @aa-sdk and/or @account-kit/smart-contracts between the versions of...
VApps: Verifiable Applications at Internet Scale
Blockchain technology promises a decentralized, trustless, and interoperable infrastructure. However, widespread adoption remains hindered by issues such as limited scalability, high transaction costs, and the complexity of maintaining coherent verification logic across different blockchain layer...