EUVD-2026-31947

Magic Wormhole makes it possible to get arbitrary-sized files and directories from one computer to another. Prior to 0.24.0, there is a path traversal when a receiver who specifies "--output " where that output directory currently exists as a directory. This vulnerability is fixed in 0.24.0...

Arbitrary transfers following approvals can lead to loss of funds/NFTS

Lines of code Vulnerability details Impact These three transfer functions allow an attacker to supply an arbitrary from and to to transfer ERC20s, ERC721s, and ERC1155s. The moment that a user sets approval for the contract to spend their tokens, an attacker can front-run the next call and steal...

Virgo_ZodiacToken Logic Flaw Vulnerability

VirgoZodiacToken is an Ether-based digital currency. A security vulnerability exists in VirgoZodiacToken's smart contract implementation that stems from the program's use of '='. An attacker could use the vulnerability to transfer funds from an arbitrary address to a user's address...