150 matches found
Malicious code in binance-dev (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-6277 Malicious code in binance-dev (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-6278 Malicious code in binance-internals (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in binance-internals (npm)
The package communicates with a domain associated with malicious activity...
CVE-2024-23660
The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in the wild in July 202...
CVE-2024-31695
A misconfiguration in the fingerprint authentication mechanism of Binance: BTC, Crypto and NFTS v2.85.4, allows attackers to bypass authentication when adding a new fingerprint...
MAL-2025-1575 Malicious code in binance-connector-ruby (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 41e39728f8654e35cb29f5b837a886f3a5a9ff0dd9b523fc1777672083ae645d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in binance-connector-ruby (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 41e39728f8654e35cb29f5b837a886f3a5a9ff0dd9b523fc1777672083ae645d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-27106
binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...
CVE-2025-27106
binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...
CVE-2025-27106 Code injection in binance-trading-bot
binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...
CVE-2025-27106 Code injection in binance-trading-bot
binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...
CVE-2025-27106 Code injection in binance-trading-bot
binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the /restore endpoint. The restore endpoint of binance-trading-bot i...
CVE-2025-27106
Summary: The vulnerability CVE-2025-27106 affects binance-trading-bot. Authenticated users can trigger a command injection via the "/restore" endpoint, where the uploaded file name is passed to shell.exec without sufficient sanitization, enabling Remote Code Execution on the host. Root cause: Ina...
PT-2025-7632 · Unknown · Binance-Trading-Bot
Name of the Vulnerable Software and Affected Versions: binance-trading-bot versions prior to 0.0.100 Description: The binance-trading-bot is an automated Binance trading bot with a trailing buy/sell strategy. Authenticated users can achieve Remote Code Execution on the host system due to a comman...
Binance Trading Bot 安全漏洞
Binance Trading Bot is an automated trading bot by Chris Lee, a personal developer. A security vulnerability exists in Binance Trading Bot that stems from a command injection vulnerability contained in the /restore port...
Malicious code in binance-toolbox-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7a585655865db20c2d6f9419d9c516d93d59ac420d066bda570716d917933605 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-12138 Malicious code in binance-toolbox-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7a585655865db20c2d6f9419d9c516d93d59ac420d066bda570716d917933605 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-31695
A misconfiguration in the fingerprint authentication mechanism of Binance: BTC, Crypto and NFTS v2.85.4, allows attackers to bypass authentication when adding a new fingerprint...
CVE-2024-31695
CVE-2024-31695 affects Binance’s BTC, Crypto and NFTS v2.85.4. A misconfiguration in the fingerprint authentication mechanism allows bypass when adding a new fingerprint. Documented in multiple feeds (NVD/Red Hat/CNNVD) with a critical CVSS v3.1 score (9.8, AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). C...