5 matches found
MAL-2026-1966 Malicious code in restaking-apy-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8aa08edde60ee1a5b831af5088eaaf1b9b490ab5975541f8036f4efac42d6840 The package restaking-apy-module was found to contain malicious code. Source: ghsa-malware...
Malicious code in defillama-apy-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5607feee6e6c7126d6cba02f493742dca4eee003dd55793c1346373a66cbb9c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
stETHs rebase profit stealing
Lines of code Vulnerability details Description It's possible with flashloan from AAVE to capture a big shares amount of eUSD, after each stETH rebase exploiter will buy excessive income, which leads to eUSD rebase due to shares burning, so the exploiter will have most of burned eUSD because they...
A user can 'borrow' dMute balance for a single block to increase their amplifier APY
Lines of code Vulnerability details The amplifier's APY is calculated based on the user's dMute balance delegation balance to be more accurate - the more dMute the user holds the higher APY they get. However, the contract only checks the user's dMute balance at staking, the user doesn't have to...
Annualized fee APY dependence on the frequency of executing a function
Handle Czar102 Vulnerability details Impact The APY of the annualized fee is dependent on the frequency of the execution of the BasketFacet::chargeOutstandingAnnualizedFee. If it is called more frequently, the compounding is more frequent and the APY is higher. For less used baskets, the APY migh...