CVE-2025-66692

A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-66692

A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-66692

A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...

Buffer Over-read

Overview @trustwallet/wallet-core is a mobile-focused library implementing low-level cryptographic wallet functionality for a high number of blockchains Affected versions of this package are vulnerable to Buffer Over-read via the verify function. An attacker can cause the application to crash or...

CVE-2025-66692

A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-66692

CVE-2025-66692 affects Binance - Trust Wallet Core. A buffer over-read in PublicKey::verify() prior to commit 5668c67 enables DoS via crafted input. Affected: Trust Wallet Core library; root cause: buffer over-read in verify(). Remediation: upgrade wallet-core to 4.4.0+ (e.g., 4.4.0 or newer). Ex...

CVE-2025-66692

A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...

PT-2026-3650

A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-66692

A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...

Trust Wallet Core security vulnerability

Trust Wallet Core is an open-source, cross-platform, mobile-centric library developed by Trust Wallet. Versions of Trust Wallet Core prior to 5668c67 contained a security vulnerability. This vulnerability stemmed from an excessive buffer read in the PublicKey::verify method, which could lead to...

CVE-2023-31290

Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits, as exploited in the wild in December 2022 and March 2023. This occurs because the mt19937 Mersenne Twister takes a single 32-bit value as an input...

Inadequate Encryption Strength

Overview trustwallet/wallet-core is a mobile-focused library implementing low-level cryptographic wallet functionality for a high number of blockchains Affected versions of this package are vulnerable to Inadequate Encryption Strength in its mt19937 seed generation, which has only 32 bits of...

CVE-2023-31290

Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits, as exploited in the wild in December 2022 and March 2023. This occurs because the mt19937 Mersenne Twister takes a single 32-bit value as an input...

CVE-2023-31290

Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits, as exploited in the wild in December 2022 and March 2023. This occurs because the mt19937 Mersenne Twister takes a single 32-bit value as an input...

CVE-2023-31290

Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits, as exploited in the wild in December 2022 and March 2023. This occurs because the mt19937 Mersenne Twister takes a single 32-bit value as an input...

VulnCheck KEV: CVE-2023-31290

Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits, as exploited in the wild in December 2022 and March 2023. This occurs because the mt19937 Mersenne Twister takes a single 32-bit value as an input...

Trust Wallet Core 安全特征问题漏洞

Trust Wallet Core is an open source, cross-platform, mobile-centric library from Trust Wallet, Inc. A security vulnerability exists in Trust Wallet Core versions prior to 3.1.1, Trust Wallet browser extension prior to 0.0.183, which stems from mt19937 Mersenne Twister uses a single 32-bit value a...

CVE-2023-31290

Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits, as exploited in the wild in December 2022 and March 2023. This occurs because the mt19937 Mersenne Twister takes a single 32-bit value as an input...

PT-2023-23277

Name of the Vulnerable Software and Affected Versions Trust Wallet Core versions prior to 3.1.1 Trust Wallet browser extension versions 0.0.172 through 0.0.182 Description The issue allows theft of funds due to insufficient entropy, which is 32 bits. This is because the mt19937 Mersenne Twister...