EUVD-2025-7225

Malicious code in bioql PyPI...

EUVD-2025-29513

Malicious code in bioql PyPI...

MAL-2025-17631 Malicious code in cosmwasm-clients (npm)

The package cosmwasm-clients was found to contain malicious code...

Malicious code in cosmwasm-clients (npm)

The package cosmwasm-clients was found to contain malicious code...

CVE-2024-58263

The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations...

GHSA-RM83-PXJX-PR5J Duplicate Advisory: CosmWasm affected by arithmetic overflows

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8724-5xmm-w5xq. This link is maintained to preserve external references. Original Description The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations...

Duplicate Advisory: CosmWasm affected by arithmetic overflows

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8724-5xmm-w5xq. This link is maintained to preserve external references. Original Description The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations...

CVE-2024-58263

The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations...

CVE-2024-58263

The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations...

CVE-2024-58263

The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations...

cosmwasm-std crate 输入验证错误漏洞

cosmwasm-std crate is a CosmWasm open source framework for building smart contracts in Wasm for the Cosmos SDK. An input validation error vulnerability exists in cosmwasm-std crate versions prior to 2.0.2, which stems from an integer overflow that could lead to a computation error...

CVE-2024-58263

CVE-2024-58263 concerns the cosmwasm-std crate prior to version 2.0.2 for Rust, which allows integer overflows that can lead to incorrect contract calculations. The vulnerability stems from wrapping arithmetic used in core operations, potentially causing miscalculations in smart contracts that re...

CVE-2024-58263

The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations...

Integer Overflow

github.com/cosmwasm/wasmd is vulnerable to integer overflow. The vulnerability is due to a contract error being ignored during IBC channel initialization, allowing the channel to open despite the error...

CVE-2025-25500

An issue in CosmWasm prior to v2.2.0 allows attackers to bypass capability restrictions in blockchains by exploiting a lack of runtime capability validation. This allows attackers to deploy a contract without capability enforcement, and execute unauthorized actions on the blockchain...

CosmWasm Allows Bypass of Capability Restrictions in Blockchains

An issue in CosmWasm prior to v2.2.0 allows attackers to bypass capability restrictions in blockchains by exploiting a lack of runtime capability validation. This allows attackers to deploy a contract without capability enforcement, and execute unauthorized actions on the blockchain...

GHSA-CG8R-JWG7-R2X4 CosmWasm Allows Bypass of Capability Restrictions in Blockchains

An issue in CosmWasm prior to v2.2.0 allows attackers to bypass capability restrictions in blockchains by exploiting a lack of runtime capability validation. This allows attackers to deploy a contract without capability enforcement, and execute unauthorized actions on the blockchain...

CVE-2025-25500

An issue in CosmWasm prior to v2.2.0 allows attackers to bypass capability restrictions in blockchains by exploiting a lack of runtime capability validation. This allows attackers to deploy a contract without capability enforcement, and execute unauthorized actions on the blockchain...

CVE-2025-25500

An issue in CosmWasm prior to v2.2.0 allows attackers to bypass capability restrictions in blockchains by exploiting a lack of runtime capability validation. This allows attackers to deploy a contract without capability enforcement, and execute unauthorized actions on the blockchain...

CVE-2025-25500

CosmWasm prior to v2.2.0 is affected. The issue stems from a lack of runtime capability validation, allowing an attacker to bypass capability restrictions, deploy a contract without enforcement, and perform unauthorized blockchain actions. Affected software: CosmWasm (pre-2.2.0). Root cause: insu...