Lucene search
K

7 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/11 4:37 a.m.3 views

Malicious code in flashbot-sdk-eth (npm)

The package flashbot-sdk-eth was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 52a62baf78e0196a1a1b9281fdbc9a6739bdac59ba497de64a461a107a173f97 Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References1
Snyk
Snyk
added 2025/09/11 4:37 a.m.1 views

Malicious Package

Overview flashbot-sdk-eth is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
OSV
OSV
added 2025/09/11 4:37 a.m.5 views

MAL-2025-47059 Malicious code in flashbot-sdk-eth (npm)

The package flashbot-sdk-eth was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 52a62baf78e0196a1a1b9281fdbc9a6739bdac59ba497de64a461a107a173f97 Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References1
Code423n4
Code423n4
added 2023/11/17 12:0 a.m.11 views

Sandwich attack on buy()

Lines of code Vulnerability details Impact Function Market:buy does not check or take in a minimum buy amount. This makes users' funds vulnerable to sandwich attacks. buy will increase shareDataid.tokenCount, and thus change the exchange rate of share price. price, fee =...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/07/10 12:0 a.m.10 views

Long term denial of service due to lack of fees in Well

Lines of code Vulnerability details Description The Well allows users to permissionless swap assets or add and remove liquidity. Users specify the intended slippage in swapFrom, in minAmountOut. The ConstantProduct2 implementation ensures Kend - Kstart = 0, where K = Reserve1 Reserve2, and the...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/01/26 12:0 a.m.12 views

Attacker can collect all positive rebase from the poll

Handle gzeon Vulnerability details Impact The concept of ElasticSwap is not to change relative price upon positive rebase event. However, this allow an attacker to sandwich a known positive rebase event for profit. Proof of Concept 1. Assuming we have pool with 10000 base and 10000 quote token 2...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/11/13 12:0 a.m.8 views

add liquidity is vulnerable to sandwich attack

Handle jonah1005 Vulnerability details add liquidity is vulnerable to MEV Impact addLiquidity in the VaderRouter and VaderRouterV2 contract does not check the minimum liquidity amount. This makes users' funds vulnerable to sandwich attacks. The team says a minimum amount is not required as the...

6.7AI score
Exploits0
Rows per page
Query Builder