CVE-2025-57247
The BATBToken contract (address 0xfbf1388408670c02f0dbbb74251d8ded1d63b7a2; compiler v0.8.26+commit.8a97fa7a) has an access-control flaw in whitelist management: setColdWhiteList() and setSpecialAddress() are declared public without proper restrictions. This enables any user to bypass cold-time t...