CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

169 matches found

RedhatCVE•added 2026/01/09 9:28 a.m.•13 views

CVE-2023-49798

OpenZeppelin Contracts is a library for smart contract development. A merge issue when porting the 5.0.1 patch to the 4.9 branch caused a line duplication. In the version of Multicall.sol released in @openzeppelin/[email protected] and @openzeppelin/[email protected], all subcalls are...

7.5CVSS6.8AI score0.00543EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:13 a.m.•5 views

CVE-2022-31153

OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts vanilla and ethereum flavors in the...

6.5CVSS6.7AI score0.01115EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:11 a.m.•9 views

CVE-2022-35915

OpenZeppelin Contracts is a library for secure smart contract development. The target contract of an EIP-165 supportsInterface query can cause unbounded gas consumption by returning a lot of data, while it is generally assumed that this operation has a bounded cost. The issue has been fixed in...

5.3CVSS6.7AI score0.00635EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:11 a.m.•12 views

CVE-2022-35916

OpenZeppelin Contracts is a library for secure smart contract development. Contracts using the cross chain utilities for Arbitrum L2, CrossChainEnabledArbitrumL2 or LibArbitrumL2, will classify direct interactions of externally owned accounts EOAs as cross chain calls, even though they are not...

5.3CVSS6.6AI score0.00475EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:54 a.m.•11 views

CVE-2021-41264

OpenZeppelin Contracts is a library for smart contract development. In affected versions upgradeable contracts using UUPSUpgradeable may be vulnerable to an attack affecting uninitialized implementation contracts. A fix is included in version 4.3.2 of @openzeppelin/contracts and...

9.8CVSS6.8AI score0.01439EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:42 a.m.•12 views

CVE-2022-31170

OpenZeppelin Contracts is a library for smart contract development. Versions 4.0.0 until 4.7.1 are vulnerable to ERC165Checker reverting instead of returning false. ERC165Checker.supportsInterface is designed to always successfully return a boolean, and under no circumstance revert. However, an...

7.5CVSS6.6AI score0.00626EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:42 a.m.•9 views

CVE-2022-31198

OpenZeppelin Contracts is a library for secure smart contract development. This issue concerns instances of Governor that use the module GovernorVotesQuorumFraction, a mechanism that determines quorum requirements as a percentage of the voting token's total supply. In affected instances, when a...

7.5CVSS6.6AI score0.00626EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:39 a.m.•11 views

CVE-2022-35961

OpenZeppelin Contracts is a library for secure smart contract development. The functions ECDSA.recover and ECDSA.tryRecover are vulnerable to a kind of signature malleability due to accepting EIP-2098 compact signatures in addition to the traditional 65 byte signature format. This is only an issu...

7.9CVSS6.7AI score0.00336EPSS

Exploits0References1