CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2025/10/23 4:25 p.m.•2 views

GO-2025-3997 github.com/MANTRA-Chain/mantrachain/x/tokenfactory tx gas limit is not enforced in send hooks in github.com/MANTRA-Chain/mantrachain

github.com/MANTRA-Chain/mantrachain/x/tokenfactory tx gas limit is not enforced in send hooks in github.com/MANTRA-Chain/mantrachain...

8.8CVSS7AI score0.00305EPSS

Exploits0References4

RedhatCVE•added 2025/10/06 1:8 p.m.•7 views

CVE-2025-61595

8.8CVSS6.4AI score0.00305EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•20 views

EUVD-2025-31776

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00305EPSS

Exploits0References5

CVE•added 2025/10/02 7:36 p.m.•15 views

CVE-2025-61595

CVE-2025-61595 pertains to MANTRA Chain. Versions up to 4.0.1 do not enforce the tx gas limit in send hooks, allowing gas to be spent beyond remaining and enabling recursive calls in the wasm contract, potentially causing exponential gas consumption. The issue is fixed in version 4.0.2. Affected ...

8.8CVSS6.3AI score0.00305EPSS

Vulnrichment•added 2025/10/02 7:36 p.m.•1 views

CVE-2025-61595 MANTRA tx gas limit is not enforced in send hooks

8.8CVSS6.3AI score0.00305EPSS

Cvelist•added 2025/10/02 7:36 p.m.•28 views

CVE-2025-61595 MANTRA tx gas limit is not enforced in send hooks

8.8CVSS0.00305EPSS

CNNVD•added 2025/10/02 12:0 a.m.•3 views

Mantrachain 安全漏洞

Mantrachain is a blockchain software open source by MANTRA Chain. A security vulnerability exists in Mantrachain version 4.0.1 and earlier, which stems from an unenforced transactional gas limit that could lead to exponential gas consumption...

8.8CVSS8.8AI score0.00305EPSS

Github Security Blog•added 2025/09/30 9:6 p.m.•10 views

github.com/MANTRA-Chain/mantrachain/x/tokenfactory tx gas limit is not enforced in send hooks

Impact send hooks can spend more gas than what's remained in tx, combined with recursive calls in the wasm contract, can amplify the gas consumption exponentially. Patches It's patched in v4.0.2 and v5.0.0 Workarounds Is there a way for users to fix or remediate the vulnerability without upgradin...

8.8CVSS6.8AI score0.00305EPSS

Exploits0References6Affected Software4

OSV•added 2025/09/30 9:6 p.m.•3 views

GHSA-QWVM-WQQ8-8J69 github.com/MANTRA-Chain/mantrachain/x/tokenfactory tx gas limit is not enforced in send hooks

8.8CVSS6.8AI score0.00305EPSS

Exploits0References6

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection through the improper handling of gas limits in precompile executions. An attacker can manipulate the state of the blockchain by causing certain functions to execute with insufficient gas, leading to incomplete...

Snyk•added 2025/05/14 5:35 p.m.•2 views

Arbitrary Code Injection

Arbitrary Code Injection

Arbitrary Code Injection

Snyk•added 2025/05/14 5:35 p.m.•3 views

Arbitrary Code Injection

Snyk•added 2025/05/14 5:35 p.m.•2 views

Arbitrary Code Injection

Arbitrary Code Injection

Arbitrary Code Injection

Veracode•added 2024/04/18 5:25 a.m.•13 views

Denial Of Service (DOS)

github.com/evmos/evmos is vulnerable to a Denial Of Service. The vulnerability is due to improper handling of nested MsgEthereumTx messages, allowing bypass of the block gas limit and causing indefinite chain halts...

7AI score

Exploits0

OSV•added 2024/04/17 5:35 p.m.•13 views

GHSA-V6RW-HHGG-WC4X Evmos vulnerable to DOS and transaction fee expropiation through Authz exploit

Impact What kind of vulnerability is it? Who is impacted? An attacker can use this bug to bypass the block gas limit and gas payment completely to perform a full Denial-of-Service against the chain. Disclosure Evmos versions below v11.0.1 do not check for MsgEthereumTx messages that are nested...

9.1CVSS7.1AI score