GHSA-M6WQ-66P2-C8PC Babylon Nil BlockHash in BLS vote extensions triggers panics in consensus handlers

Summary A vulnerability exists in Babylon’s BLS vote extension processing where a malicious active validator can submit a VoteExtension with the blockhash field omitted from the protobuf serialization. Because protobuf fields are optional, unmarshalling succeeds but leaves BlockHash as nil. Babyl...

EUVD-2025-29512

Malicious code in bioql PyPI...

GO-2025-3801 Babylon vulnerable to chain halt when a message modifies the validator set at the epoch boundary in github.com/babylonlabs-io/babylon

Babylon vulnerable to chain halt when a message modifies the validator set at the epoch boundary in github.com/babylonlabs-io/babylon...

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the validator set modification process at the epoch boundary. An attacker can cause the chain to halt by sending a message that alters the validator set during this critical...

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the validator set modification process at the epoch boundary. An attacker can cause the chain to halt by sending a message that alters the validator set during this critical...

GHSA-RJ53-J6JW-7F7G Babylon vulnerable to chain halt when a message modifies the validator set at the epoch boundary

Summary Sending a message that modifies the validator set at the epoch boundary halts the chain. Impact Denial of Service - Comos-sdk prevents modifying the validator set from two different modules - https://github.com/cosmos/cosmos-sdk/blob/release/v0.50.x/types/module/module.goL811. Such an...

Babylon vulnerable to chain halt when a message modifies the validator set at the epoch boundary

Summary Sending a message that modifies the validator set at the epoch boundary halts the chain. Impact Denial of Service - Comos-sdk prevents modifying the validator set from two different modules - https://github.com/cosmos/cosmos-sdk/blob/release/v0.50.x/types/module/module.goL811. Such an...

bypass flow limit by transferring tokens at epoch's boarder

Lines of code Vulnerability details Impact Token flow can reach 2flowlimit in a very short time. Proof of Concept We store the flow out and flow in tokens numbers for every epoch: / @dev Returns the slot which is used to get the flow out amount for a specific epoch @param epoch The epoch to get t...