19 matches found
CVE-2026-32322
soroban-sdk is a Rust SDK for Soroban contracts. Prior to 22.0.11, 23.5.3, and 25.3.0, The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values using their raw U256 representation without first reducing modulo the field modulus r. This caused mathematically equal field...
EUVD-2026-11726
rs-soroban-sdk: Fr scalar field equality comparison bypasses modular reduction...
rs-soroban-sdk: `Fr` scalar field equality comparison bypasses modular reduction
Security Advisory: Incorrect Equality for Fr Scalar Field Types BN254, BLS12-381 Summary Missing modular reduction in Fr causes incorrect equality comparisons for BN254 and BLS12-381 types in soroban-sdk. Impact The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values usin...
CVE-2026-32322
soroban-sdk is a Rust SDK for Soroban contracts. Prior to 22.0.11, 23.5.3, and 25.3.0, The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values using their raw U256 representation without first reducing modulo the field modulus r. This caused mathematically equal field...
rs-soroban-sdk 安全漏洞
rs-soroban-sdk is a Rust development toolkit open sourced by Stellar. Versions of rs-soroban-sdk prior to 22.0.11, 23.5.3, and 25.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the fact that the Fr type comparison values in BN254 and BLS12-381 were not subjected to...
CVE-2026-32322
soroban-sdk is a Rust SDK for Soroban contracts. Prior to 22.0.11, 23.5.3, and 25.3.0, The Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values using their raw U256 representation without first reducing modulo the field modulus r. This caused mathematically equal field...
CVE-2026-32322
Summary : The Soroban SDK (Rust) Fr scalar field types for BN254 and BLS12-381 were vulnerable prior to 22.0.11, 23.5.3, and 25.3.0 because equality comparisons used raw U256 values without reducing modulo the field modulus r. This could cause mathematically equal field elements to compare as une...
CVE-2026-26267
soroban-sdk is a Rust SDK for Soroban contracts. Prior to versions 22.0.10, 23.5.2, and 25.1.1, the contractimpl macro contains a bug in how it wires up function calls. contractimpl generates code that uses MyContract::value style calls even when it's processing the trait version. This means if a...
CVE-2026-26267
The CVE-2026-26267 issue affects soroban-sdk-macros prior to versions 22.0.10, 23.5.2, and 25.1.1. The macro’s trait-implementation wiring can cause the generated call to resolve to an inherent function (MyContract::value) instead of the trait function when an identically named inherent function ...
CVE-2026-26267 rs-soroban-sdk #[contractimpl] macro calls inherent function instead of trait function when names collide
soroban-sdk is a Rust SDK for Soroban contracts. Prior to versions 22.0.10, 23.5.2, and 25.1.1, the contractimpl macro contains a bug in how it wires up function calls. contractimpl generates code that uses MyContract::value style calls even when it's processing the trait version. This means if a...
PT-2026-20342
Name of the Vulnerable Software and Affected Versions soroban-sdk-macros versions prior to 22.0.10 soroban-sdk-macros versions prior to 23.5.2 soroban-sdk-macros versions prior to 25.1.1 Description The contractimpl macro in soroban-sdk-macros has a flaw in how it manages function calls. When...
GHSA-96XM-FV9W-PF3F soroban-sdk has overflow in Bytes::slice, Vec::slice, GenRange::gen_range for u64
Impact Arithmetic overflow can be triggered in the Bytes::slice, Vec::slice, and Prng::genrange for u64 methods in the soroban-sdk in versions prior to and including 25.0.1. Contracts that pass user-controlled or computed range bounds to Bytes::slice, Vec::slice, or Prng::genrange may silently...
CVE-2026-24889 soroban-sdk has overflow in Bytes::slice, Vec::slice, GenRange::gen_range for u64
soroban-sdk is a Rust SDK for Soroban contracts. Arithmetic overflow can be triggered in the Bytes::slice, Vec::slice, and Prng::genrange for u64 methods in the soroban-sdk in versions up to and including 25.0.1, 23.5.1, and 25.0.2. Contracts that pass user-controlled or computed range bounds to...
CVE-2026-24889
CVE-2026-24889 — soroban-sdk overflow in slice/gen_range (u64) Affected components: the soroban-sdk Rust SDK (core functions Bytes::slice, Vec::slice, Prng::gen_range for u64). Root cause: arithmetic overflow when handling range bounds, particularly under overflow-checks = false (default for rele...
EUVD-2026-4848
soroban-sdk is a Rust SDK for Soroban contracts. Arithmetic overflow can be triggered in the Bytes::slice, Vec::slice, and Prng::genrange for u64 methods in the soroban-sdk in versions up to and including 25.0.1, 23.5.1, and 25.0.2. Contracts that pass user-controlled or computed range bounds to...
CVE-2026-24889 soroban-sdk has overflow in Bytes::slice, Vec::slice, GenRange::gen_range for u64
soroban-sdk is a Rust SDK for Soroban contracts. Arithmetic overflow can be triggered in the Bytes::slice, Vec::slice, and Prng::genrange for u64 methods in the soroban-sdk in versions up to and including 25.0.1, 23.5.1, and 25.0.2. Contracts that pass user-controlled or computed range bounds to...
CVE-2026-24889
soroban-sdk is a Rust SDK for Soroban contracts. Arithmetic overflow can be triggered in the Bytes::slice, Vec::slice, and Prng::genrange for u64 methods in the soroban-sdk in versions up to and including 25.0.1, 23.5.1, and 25.0.2. Contracts that pass user-controlled or computed range bounds to...
PT-2026-5233
Name of the Vulnerable Software and Affected Versions soroban-sdk versions 22.0.9 through 25.0.1 soroban-sdk version 23.5.1 soroban-sdk version 25.0.2 Description The soroban-sdk contains an arithmetic overflow issue in the Bytes::slice, Vec::slice, and Prng::gen range for u64 methods. When...
rs-soroban-sdk input validation vulnerability
rs-soroban-sdk is a Rust development toolkit open source by Stellar. Versions of rs-soroban-sdk 25.0.1 and earlier, as well as 23.5.1 and earlier, and 25.0.2 and earlier, have a vulnerability related to input validation errors. This vulnerability stems from arithmetic overflow in the Bytes::slice...