CVE-2025-27611 base-x homograph attack allows Unicode lookalike characters to bypass validation.

base-x is a base encoder and decoder of any given alphabet using bitcoin style leading zero compression. Versions 4.0.0, 5.0.0, and all prior to 3.0.11, are vulnerable to attackers potentially deceiving users into sending funds to an unintended address. This issue has been patched in versions...

@astrobase/core (>=0.2.0 <=0.4.0), @indiebackend/domain-ids (>=0.0.1 <=1.0.3) +2 more potentially affected by CVE-2025-27611 via base-x (=5.0.0)

base-x NPM version =5.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on base-x and may be impacted: - @astrobase/core =0.2.0, =0.0.1, =0.0.11, =0.5.0, =0.5.15 Source cves: CVE-2025-27611 Source advisory: OSV:GHSA-XQ7P-G2VC-G82P...

@1tokenfe/cross-inpage-provider-injected (=2.2.46), @1tokenfe/inpage-providers-hub (=2.2.46) +129 more potentially affected by CVE-2025-27611 via base-x (=4.0.0)

base-x NPM version =4.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on base-x and may be impacted: - @1tokenfe/cross-inpage-provider-injected =2.2.46 - @1tokenfe/inpage-providers-hub =2.2.46 - @1tokenfe/onetoken-alph-provider =2.2.46 -...

base-x 安全漏洞

base-x is a cryptocoinjs open source tool for encoding/decoding any base. A security vulnerability exists in base-x versions prior to 3.0.11, 4.0.0, and 5.0.0, which stems from a vulnerability that could cause a user to send funds to an unintended address...

PT-2025-18320 · Base-X · Base-X

Name of the Vulnerable Software and Affected Versions: base-x versions prior to 3.0.11 base-x version 4.0.0 base-x version 5.0.0 Description: The issue allows attackers to potentially deceive users into sending funds to an unintended address. This is achieved through a problem in the base-x encod...