CVE-2026-24783

soroban-fixed-point-math is a fixed-point math library for Soroban smart contacts. In versions 1.3.0 and 1.4.0, the mulDivx, y, z function incorrectly handled cases where both the intermediate product $x y$ and the divisor $z$ were negative. The logic assumed that if the intermediate product was...

EUVD-2026-4710

soroban-fixed-point-math has Incorrect Rounding and Overflow Handling in Signed Fixed-Point Math with Negatives...

CVE-2026-24783 soroban-fixed-point-math has Incorrect Rounding and Overflow Handling in Signed Fixed-Point Math with Negatives

soroban-fixed-point-math is a fixed-point math library for Soroban smart contacts. In versions 1.3.0 and 1.4.0, the mulDivx, y, z function incorrectly handled cases where both the intermediate product $x y$ and the divisor $z$ were negative. The logic assumed that if the intermediate product was...

GHSA-7V7W-F7C6-F829 YetiForceCRM is vulnerable to Business Logic Errors because product amount can be a negative number

YetiForceCRM is vulnerable to Business Logic Errors because product amount can be a negative number...

Business Logic Errors in seriawei/zkeacms

✍️ Description ZKEACMS is vulnerable to Business Logic error through negative product amount. 🕵️‍♂️ Proof of Concept PoC file content: HTML setTimeout = form.submit , 2000; 1. Save the above content into an HTML file. 2. Open it on the browser. Check the shopping cart negative value. PoC video. 💥...