Lucene search
K

12 matches found

CVE
CVE
added 2026/04/22 7:43 p.m.21 views

CVE-2026-34064

The CVE-2026-34064 issue affects Nimiq-account’s VestingContract in the Rust implementation. Before v1.3.0, VestingContract::can_change_balance can produce AccountError::InsufficientFunds and builds the error with balance = self.balance - min_cap; if min_cap > balance, Coin::sub underflows and...

8.2CVSS5.7AI score0.00275EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/22 7:43 p.m.26 views

CVE-2026-34064 nimiq-account: Vesting insufficient funds error can panic

nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is...

5.3CVSS0.00275EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/22 7:43 p.m.6 views

CVE-2026-34064

nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is...

5.3CVSS5.7AI score0.00275EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/22 7:43 p.m.4 views

CVE-2026-34064 nimiq-account: Vesting insufficient funds error can panic

nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is...

5.3CVSS5.7AI score0.00275EPSS
Exploits0References4
OSV
OSV
added 2026/04/22 7:18 p.m.5 views

GHSA-VC34-39Q2-M6Q3 nimiq-account: Vesting insufficient funds error can panic

Impact VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is attacker-reachable because the vesting contract creation data 32-byte format allows encoding totalamount...

5.3CVSS5.8AI score0.00275EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/04/22 7:18 p.m.10 views

nimiq-account: Vesting insufficient funds error can panic

Impact VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is attacker-reachable because the vesting contract creation data 32-byte format allows encoding totalamount...

8.2CVSS5.8AI score0.00275EPSS
Exploits0References6Affected Software1
Code423n4
Code423n4
added 2024/01/08 12:0 a.m.19 views

Insufficient Fund Guard for Treasury Reward Rebalancing Due to Unrestricted Withdrawals

Lines of code Vulnerability details Impact The potential issue identified in the Treasury.rebalanceTreasuryinvolves the risk of failing to transfer treasury rewards from ETHFromServices to ETHOwned due to insufficient funds in ETHFromServices. This situation can arise when the withdrawToAccount...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/08/07 12:0 a.m.9 views

Overstatement of Available Funds Due to Logic Error

Lines of code Vulnerability details Impact The computeAvailable function in VaultBooster.sol could potentially overstate the available balance in certain situations. Two functions rely on computeAvailable for determining the available funds, such as liquidate, accrue. If the overstated balance fr...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/10/29 12:0 a.m.9 views

forceReplenish(),borrowInternal() do not judge dola balances in contracts

Lines of code Vulnerability details Impact lender can call recall to transfer amout amount of dola tokens, so it is likely that lender will transfer most of market's funds function recalluint amount public requiremsg.sender == lender, "Only lender can recall"; dola.transfermsg.sender, amount; If...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/07/04 12:0 a.m.10 views

Orders could be unable to be fulfilled due to insufficient fund/underlying when when filled

Lines of code Vulnerability details Orders could be unable to be fulfilled due to insufficient fund/underlying when when filled Proof of Concept Let's say on day 1, Alice created a long call order for 5 ERC721 Bored Apesid1, id2, id3, id4, id5, with premium 2.5 ETH. But there will be a gap betwee...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/01/11 12:0 a.m.8 views

Possibility of insufficient funds in Vault

Handle palina Vulnerability details Impact In Vault.sol, totalUnderlying and, therefore, totalUnderlyingMinusSponsored include both funds available in the Vault as well as those invested in the Strategy. The calculation of amounts returned to depositors and sponsors in withdraw and unsponsor also...

6.8AI score
Exploits0
Hacker One
Hacker One
added 2017/11/27 7:12 p.m.19 views

HackerOne: Validation message in Bounty award endpoint can be used to determine program balances

Summary: Hi team, Found a idor in Checking if a Team has sufficient fund to award Steps To Reproduce 1. Start a new program and login to the account 2. A demo Report will be there 3. Then Set award Amount $100 4. Set award and intercept the request 5. change the reportids to 262262 262262 - mixma...

6.5AI score
Exploits0
Rows per page
Query Builder