EUVD-2025-26877

Malicious code in bioql PyPI...

Lindell17 TSS Injection Vulnerability

tss-lib is an open source IO FinNet implementation of the multi-party t,n- threshold ECDSA Elliptic Curve Digital Signature Algorithm based on Gennaro and Goldfeder 20201 and EdDSA Edwards Curve Digital Signature Algorithm. A security vulnerability exists in Lindell17 TSS that stems from allowing...

PT-2023-24237

Name of the Vulnerable Software and Affected Versions Crypto wallets implementing GG18 or GG20 TSS protocol affected versions not specified Description Crypto wallets using the GG18 or GG20 Threshold Signature Scheme TSS protocols are susceptible to an issue where an attacker can extract a full...

Executors need to be trusted

62 comment Warden: cmichel Executors need to be trusted, otherwise, they can just call sendFundsToUser to transfer out any funds as they please. Consider adding threshold signatures to prevent all funds from being lost when a single executor is compromised. --- The text was updated successfully,...

GHSA-PWQF-9H7J-7MV8 Incorrect threshold signature computation in TUF

Impact Metadadata signature verification, as used in tuf.client.updater, counted each of multiple signatures with identical authorized keyids separately towards the threshold. Therefore, an attacker with access to a valid signing key could create multiple valid signatures in order to meet the...