Malicious code in eth-liquid-staking-sdk (npm)

The package eth-liquid-staking-sdk was found to contain malicious code...

MAL-2025-41978 Malicious code in eth-liquid-staking-sdk (npm)

The package eth-liquid-staking-sdk was found to contain malicious code...

High privilege of setWithholdRatio function

Lines of code Vulnerability details Impact With the setWithholdRatio function, most of the funds can be authorized to be confiscated, such authority is too high and can confuse users, If this authority is to be used for commission deduction, it should be clearly stated. Proof of Concept /// @noti...