EUVD-2024-2214

Malicious code in bioql PyPI...

Malicious code in eth-liquid-staking-sdk (npm)

The package eth-liquid-staking-sdk was found to contain malicious code...

MAL-2025-41978 Malicious code in eth-liquid-staking-sdk (npm)

The package eth-liquid-staking-sdk was found to contain malicious code...

CVE-2024-37153

Evmos is the Ethereum Virtual Machine EVM Hub on the Cosmos Network. There is an issue with how to liquid stake using Safe which itself is a contract. The bug only appears when there is a local state change together with an ICS20 transfer in the same function and uses the contract's balance, that...

PT-2024-27337 · Evmos · Evmos

Name of the Vulnerable Software and Affected Versions: Evmos versions prior to V18.1.0 Description: The issue is related to liquid staking using Safe, which is a contract. The bug appears when there is a local state change together with an ICS20 transfer in the same function, and it uses the...

Tenet and LayerZero Forge Cross-Chain LSD Adoption

By Owais Sultan Tenet and LayerZero Partner to Pioneer Cross-Chain Liquidity for Liquid Staking Derivatives. This is a post from HackRead.com Read the original post: Tenet and LayerZero Forge Cross-Chain LSD Adoption...

[H-01] RETH oracle manipulation allows attacker to steal funds

Lines of code Vulnerability details Impact The Asymmetry SafEth protocol aims to help diversify and decentralize liquid staking derivatives, exchanging ether staked in the protocol for staked ether derivative tokens based on some relative weighting. A function exposed by these derivative wrapper...

Upgraded Q -> M from #205 [1669936745167]

Judge has assessed an item in Issue 205 as M risk. The relevant finding follows: L01 - No check if EOARepresentative or EOARepresentativeOfNodeRunner is an EOA or a smart contract Impact A smart contract can end up being assigned as a smartWalletRepresentative. Such smart contract might not have...

Upgraded Q -> M from #121 [1669815281189]

Judge has assessed an item in Issue 121 as M risk. The relevant finding follows: Require - always false contracts/liquid-staking/LiquidStakingManager.sol:280 isNodeRunnerWhitelistednodeRunner comparing to itself requireisNodeRunnerWhitelistednodeRunner != isNodeRunnerWhitelistednodeRunner,...

Medium: Giant pools are prone to user griefing, preventing their holdings from being staked.

Lines of code Vulnerability details Description batchRotateLPTokens in GiantMevAndFeesPool allows any user to rotate LP tokens of stakingFundsVaults around. function batchRotateLPTokens address calldata stakingFundsVaults, LPToken calldata oldLPTokens, LPToken calldata newLPTokens, uint256 callda...

HIGH : The Giant pools can be drained by any user.

Lines of code Vulnerability details Description In GiantSavETHVaultPool.sol, batchDepositETHForStaking is used to deposit held funds to savETHPool vault: function batchDepositETHForStaking address calldata savETHVaults, uint256 calldata ETHTransactionAmounts, bytes calldata blsPublicKeys, uint256...

batchDepositETHForStaking in GiantMevAndFeesPool.sol can be ticked to steal all ETH in the pool

Lines of code Vulnerability details Impact All Eth can be drained by fake vault addresses. Proof of Concept In batchDepositETHForStaking, stakingFundsVault is checked for its validity through StakingFundsVault sfv = StakingFundsVaultpayablestakingFundsVaulti; require...

batchRotateLPTokens in GiantSavETHVaultPool can be used to steal LPTokens

Lines of code Vulnerability details Impact real LPTokens can be transferred out of GiantSavETHVaultPool through fake stakingFundsVaults provided by an attacker. Proof of Concept batchRotateLPTokens takes in stakingFundsVaults, oldLPTokens, newLPTokens and rotate amounts from old to new tokens. Th...

HIGH : The Giant pools can be drained by any user.

Lines of code Vulnerability details Description In GiantSavETHVaultPool.sol, batchDepositETHForStaking is used to deposit held funds to savETHPool vault: function batchDepositETHForStaking address calldata savETHVaults, uint256 calldata ETHTransactionAmounts, bytes calldata blsPublicKeys, uint256...

batchRotateLPTokens in GiantMevAndFeesPool can be used to steal LPTokens

Lines of code Vulnerability details Impact real LPTokens can be transferred out of GiantMevAndFeesPool through fake stakingFundsVaults provided by an attacker. Proof of Concept batchRotateLPTokens takes in stakingFundsVaults, oldLPTokens, newLPTokens and rotate amounts from old to new tokens. The...

High privilege of setWithholdRatio function

Lines of code Vulnerability details Impact With the setWithholdRatio function, most of the funds can be authorized to be confiscated, such authority is too high and can confuse users, If this authority is to be used for commission deduction, it should be clearly stated. Proof of Concept /// @noti...

The Frax ETH liquid staking protocol WRONGLY assumes that the users can convert their sfrxETH for more frxETH over time

Lines of code Vulnerability details Impact The Frax ETH liquid staking protocol WRONGLY assumes that the users can convert their sfrxETH for more frxETH over time.But because of any untoward incident if the validators stake can gets slashed, then this assumption will be wrong and can cause severe...