Lucene search
K

21 matches found

Vulnrichment
Vulnrichment
added 2026/04/09 8:29 p.m.3 views

CVE-2026-40093 nimiq-blockchain is missing a wall-clock upper bound on block timestamps

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper...

8.1CVSS5.8AI score0.00314EPSS
Exploits0References1
Snyk
Snyk
added 2025/05/15 2:5 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the EndBlocker process. An attacker can cause the system to halt by triggering an integer overflow during the cumulative reward ratio calculation. Remediation Upgrade...

8.2CVSS7.2AI score
Exploits0References3
Code423n4
Code423n4
added 2023/11/17 12:0 a.m.14 views

buggy reward calculation

Lines of code Vulnerability details Impact This is very similar to an inflation attack. Rewards increase whenever splitFees is being called which is anywhere buy/sell/mint/burn. The calculation is done like this: shareDataid.shareHolderRewardsPerTokenScaled += shareHolderFee 1e18 / tokenCount;...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/11/17 12:0 a.m.9 views

The user has the ability to bypass a fee claim protection for their own benefit while purchasing tokens

Lines of code Vulnerability details Impact User can bypass a fee claim protection for his own benefit by making multiple purchases instead of one, and as the result claim a fee part by part. Due to code documentation: The reward calculation has to use the old rewards value pre fee-split to not...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/11/17 12:0 a.m.10 views

There is potential underflow and overflow issues in arithmetic operations in the _getRewardsSinceLastClaim function

Lines of code Vulnerability details Impact There are potential underflow and overflow issues in arithmetic operations. Not being able to verify that subtracting lastClaimedValue from shareDataid.shareHolderRewardsPerTokenScaled would result in a negative value. This could lead to affecting the...

7.3AI score
Exploits0
Code423n4
Code423n4
added 2023/09/27 12:0 a.m.14 views

M-04 Unmitigated

Lines of code Vulnerability details Impact The previously identified vulnerability of potential rounding issues during reward calculations has not been fully mitigated. The current strategy to keep remainders and use them in subsequent claimAndSyncRewards calls does not adequately address the iss...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/09/06 12:0 a.m.7 views

Calculating the previous pool's 'cumulativeRewardFactor' from the current pool incorrectly calculates the reward.

Lines of code Vulnerability details Impact When we updated a transcoder with rewards and then try to update a transcoder with fees, it incorrectly calculates the reward generated in the current round for that transcoder, which also incorrectly calculates the previous pool's cumulativeRewardFactor...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/15 12:0 a.m.8 views

preBorrowHook and preRepayHook can call updateRewardTokenBorrowIndex with old borrowIndex

Lines of code Vulnerability details Impact Under normal circumstances, the user calls VToken.borrow, further calls accrueInterest to update borrowIndex, and then calls preBorrowHook to trigger updateRewardTokenBorrowIndex. But since preBorrowHook is an externl function, an attacker can directly...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/05/11 12:0 a.m.11 views

An expired parameter is required because there may be slippage in the calculation.

Lines of code Vulnerability details Impact Due to changes in interest rates, failure to process transactions in a timely manner may result in missing out on ideal rewards. Proof of Concept The calculation of the clainRewards function involves interest rates, which are variable. If...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/03/15 12:0 a.m.10 views

Huge over calculating user rewards

Lines of code Vulnerability details Impact Huge over calculating user rewards When user claim rewards for the first time rewards over calculated Proof of Concept getPoolReward function uses ''uint256 timeSinceReward = block.timestamp - lastRewardTime'' formula to calculate period of time that...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/03/15 12:0 a.m.13 views

Flawed calculation in getPoolReward leads to permanent loss of rewards

Lines of code Vulnerability details In NeoTokyoStaker.getPoolReward, a users reward is calculated as follows: 1388: uint256 share = points PRECISION / pool.totalPoints totalReward; 1390: share /= PRECISION; points represents the users total points in the pool over a specific potentially long time...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/15 12:0 a.m.11 views

User can claim high rewards than he eligible

Lines of code Vulnerability details Impact User will receive rewards more than he should receive calculation of rewards for user can be continued even after withdraw Proof of Concept when a user claim rewards, the lastRewardTime will be set to block.timestamp , now consider a scenario that user...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/03/15 12:0 a.m.9 views

Wrong accounting of share leading to incorrect amount of BYTES be minted per second

Lines of code Vulnerability details Impact In NeoTokyoStaker, staker is a competitive system where stakers compete for a fixed emission rate in each of the S1 Citizen, S2 Citizen, and LP token staking pools. For each staking pool, there are some reward windows. Each reward window has different...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/09 12:0 a.m.15 views

Rewards for the Staking.sol contract may be stolen via the first staker

Lines of code Vulnerability details Impact The return amount of the function rewardPerToken may be inflated for the first in the Staking.sol contract. Proof of Concept The Staking.sol contract is designed for the LOT token holders to be able to stake their native tokens. Thus, the token holders...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/11/28 12:0 a.m.14 views

fee loss in AutoPxGmx and AutoPxGlp and reward loss in AutoPxGlp by calling PirexRewards.claim(pxGmx/pxGpl, AutoPx*) directly which transfers rewards to AutoPx* pool without compound logic get executed and fee calculation logic and pxGmx wouldn't be executed for those rewards

Lines of code Vulnerability details Impact Function compound in AutoPxGmx and AutoPxGlp contracts is for compounding pxGLP and additionally pxGMX rewards. it works by calling PirexGmx.claimpx, this to collect the rewards of the vault and then swap the received amount to calculate the reward,...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/30 12:0 a.m.14 views

_writeCheckpoint() in Gauge use wrong index to get prevVoteStatus

Lines of code Vulnerability details Impact All the Voting values calculated by writeCheckpoint when it's not first checkpoint is going to set to False instead of account's last vote and because vote has been used in earned and reward calculation so reward distribution is going to be wrong too...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/05/22 12:0 a.m.9 views

AuraLocker kick reward only takes last locked amount into consideration, instead of whole balance

Lines of code Vulnerability details The issue occurs in AuraLocker, when expired locks are processed via kicking, and if all the user locks have expired. In this scenario, to calculate the kick reward, processExpiredLocks multiplies the last locked amount by the number of epochs between the last...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/05/21 12:0 a.m.14 views

ConvexMasterChef: When _lpToken is duplicated, reward calculation is incorrect

Lines of code Vulnerability details Impact Same as IDX-002 in In the ConvexMasterChef contract, a new staking pool can be added using the add function. The staking token for the new pool is defined using the lpToken variable. However, there is no additional checking whether the lpToken is already...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/03/16 12:0 a.m.11 views

Reward and base token decimals difference isn't accounted for in LiquidityFarming

Lines of code Vulnerability details Impact Reward and base token decimals can differ, while this difference isn't accounted for in the reward amount calculations, which will lead to either missing rewards or sending the whole rewards balance to the first eligible user. For example: If reward is...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/30 12:0 a.m.19 views

ConvexStakingWrapper does not update rewards state before transferring tokens

Handle kenzo Vulnerability details ConvexStakingWrapper saves data for reward calculation in dedicated variables for each user, such as reward.rewardintegralforaccount. These variables are not updated when transferring wrapped staked tokens. Please note that Convex's original ConvexStakingWrapper...

7AI score
Exploits0
Rows per page
Query Builder