PT-2026-33499

Name of the Vulnerable Software and Affected Versions xrdp versions prior to 0.10.6 Description A heap-based buffer overflow exists in the logon processing of this open source RDP server. When the domain user separator is configured in the 'xrdp.ini' file, an unauthenticated remote attacker can...

Permits may be reused after token upgrade

Lines of code Vulnerability details Impact The StandardizedToken contract inherits the ERC20Permit contract which in the case of an upgradable/proxied Token would allow permits for a previous version of the Token to be used on any subsequent version of it. NOTE that ERC20Permit is not explicitly ...

untyped data signing

Lines of code Vulnerability details in function deployHolographableContract the bytes32 hash is directly encoded without adding any domain separator . this will cause several issues an attacker can front run the signature and use them on same contract on another chain . eg a user wants to call...

Signature can be reused across forks due to lack of chainid validation

Lines of code Vulnerability details Impact The signature for GraphTokenUpgradeable.permit won't be resilient to chainsplits. In the event of a chain fork, the message will be assumed valid of both chains and this could allow replays attacks across forks. Proof of Concept The chainid for the...

Signature replay

Lines of code Vulnerability details Impact Neither the signed content nor the signature are associated with the contract DOMAINSEPARATOR. Therefore, both can be repeated in other contracts that use similar values, usually the same builder or contractor addresses.. Proof of Concept In some areas o...