EUVD-2025-0168

Malicious code in bioql PyPI...

Malicious code in zkpay-plonky2-contract (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca4c0b192b94b3273cd949b9abe540803dab23bf3c1acc0d6b5405efae321f4e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1263 Malicious code in zkpay-plonky2-contract (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca4c0b192b94b3273cd949b9abe540803dab23bf3c1acc0d6b5405efae321f4e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-24802

Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens ...

CVE-2025-24802

Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens ...

Soundness issue with Plonky2 look up tables

Impact Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens to be divisible by 26. The cause of problem is that the...

GHSA-HJ49-H7FQ-PX5H Soundness issue with Plonky2 look up tables

Impact Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens to be divisible by 26. The cause of problem is that the...

CVE-2025-24802 Soundness issue with Plonky2 look up tables

Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens ...

CVE-2025-24802 Soundness issue with Plonky2 look up tables

Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens ...

CVE-2025-24802 Soundness issue with Plonky2 look up tables

Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens ...

CVE-2025-24802

Summary of CVE-2025-24802 (Plonky2) : The vulnerability stems from padding zeroes in the LookupTableGate mechanism in Plonky2, where lookup tables whose length is not divisible by 26 (computed as floor(num_routed_wires/3)) will always include the 0 -> 0 input-output pair. This allows a malicio...

PT-2025-5578 · Plonky2 · Plonky2

Name of the Vulnerable Software and Affected Versions: Plonky2 versions prior to 1.0.1 Description: The issue concerns lookup tables in Plonky2, a SNARK implementation based on techniques from PLONK and FRI. If a lookup table's length is not divisible by 26, which is calculated as floornum routed...

Plonky2 安全漏洞

Plonky2 is a repository open-sourced by Polygon Zero. A security vulnerability exists in Plonky2, which stems from the zero-padding mechanism originating from LookupTableGate, and could lead to a malicious prover proving that f0 = 0...