DeepFake Forensics AI: A Multi-Modal Detection and Blockchain-Anchored Evidence Management Platform

The proliferation of AI-generated synthetic media poses a critical threat to the integrity of digital evidence in legal and forensic contexts. Existing deepfake detection systems typically address a single modality and provide no mechanism for tamper-proof evidence preservation. We present DeepFa...

Smart Contract Security beyond Detection

Smart contract security has progressed from vulnerability detection toward a broader research agenda that includes semantic reasoning, automated repair, adversarial robustness, and real-time exploit detection. This paper develops a capstone-oriented research narrative around four directions:...

EUVD-2026-19742

Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...

CVE-2026-4931 CVE-2026-4931

Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...

CVE-2026-4931

Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost...

PT-2026-30899

Name of the Vulnerable Software and Affected Versions Smart contract Marginal v1 affected versions not specified Description The Smart contract Marginal v1 contains an unsafe downcast issue. This allows attackers to settle a large debt position for a negligible asset cost. Recommendations At the...

SPARTAN

SPARTAN v2.0 — Autonomous Security Audit & Exploit Agent...

OWASP Smart Contract Top 10

The OWASP Smart Contract Top 10: 2026 is a standard awareness document that aims to provide Web3 developers and security teams with insights into the top 10 vulnerabilities found in smart contracts. It is a sub‑project of the broader OWASP Smart Contract Security OWASP SCS initiative. It serves a...

CVE-2023-40015

Vyper is a Pythonic Smart Contract Language. For the following probably non-exhaustive list of expressions, the compiler evaluates the arguments from right to left instead of left to right. unsafeadd, unsafesub, unsafemul, unsafediv, powmod256, |, &, ^ bitwise operators, bitwiseor deprecated,...

CVE-2018-14089

An issue was discovered in a smart contract implementation for VirgoZodiacToken, an Ethereum token. In this contract, 'bool sufficientAllowance = allowance =' which was intended. An attacker can transfer from any address to his address, and does not need to meet the 'allowance value' condition...

CVE-2018-14084

An issue was discovered in a smart contract implementation for MKCB, an Ethereum token. If the owner sets the value of sellPrice to a large number in setPrices then the "amount sellPrice" will cause an integer overflow in sell...

CVE-2021-33403

An integer overflow in the transfer function of a smart contract implementation for Lancer Token, an Ethereum ERC20 token, allows the owner to cause unexpected financial losses between two large accounts during a transaction...

CVE-2022-35915

OpenZeppelin Contracts is a library for secure smart contract development. The target contract of an EIP-165 supportsInterface query can cause unbounded gas consumption by returning a lot of data, while it is generally assumed that this operation has a bounded cost. The issue has been fixed in...

CVE-2023-31146

Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, during codegen, the length word of a dynarray is written before the data, which can result in out-of-bounds array access in the case where the dynarray is on both the lhs and rhs of an assignment...

CVE-2022-31170

OpenZeppelin Contracts is a library for smart contract development. Versions 4.0.0 until 4.7.1 are vulnerable to ERC165Checker reverting instead of returning false. ERC165Checker.supportsInterface is designed to always successfully return a boolean, and under no circumstance revert. However, an...

glider_StakedUSDeV2

StakedUSDeV2 Uninitialized Role Variable PoC Vulnerability...

CVE-2025-11773

The Cryptocurrency Token, Launchpad Presale, ICO & IDO, Airdrop by TokenICO plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saveDeployedContract' function in all versions up to, and including, 2.4.7. This makes it possible for...

EUVD-2025-198396

The Cryptocurrency Token, Launchpad Presale, ICO & IDO, Airdrop by TokenICO plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saveDeployedContract' function in all versions up to, and including, 2.4.6. This makes it possible for...

CVE-2025-11773

MODE C: The WordPress plugin TokenICO (Cryptocurrency, Token Launchpad) has a vulnerability in saveDeployedContract across versions ≤ 2.4.6 that allows authenticated users with Subscriber+ privileges to modify the WordPress option tokenico_deployed_contracts, poisoning displayed smart contract ad...

CredShields Joins Forces with Checkmarx to Bring Smart Contract Security to Enterprise AppSec Programs

Singapore, Singapore, 19th November 2025, CyberNewsWire...