CVE-2025-21607 Success of Certain Precompile Calls not Checked in Vyper

Vyper is a Pythonic Smart Contract Language for the EVM. When the Vyper Compiler uses the precompiles EcRecover 0x1 and Identity 0x4, the success flag of the call is not checked. As a consequence an attacker can provide a specific amount of gas to make these calls fail but let the overall executi...

PT-2024-24929 · Evmos · Evmos

Name of the Vulnerable Software and Affected Versions: Evmos versions prior to 18.0.0 Description: The issue is related to the spendable balance not being updated properly when delegating vested tokens, allowing a clawback vesting account to anticipate the release of unvested tokens. This problem...