26 matches found
CVE-2026-4843
The GSheet For Woo Importer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the processajaxrestoreaction function in all versions up to, and including, 2.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and...
EUVD-2025-31757
Malicious code in bioql PyPI...
CVE-2020-11072
In SLP Validate npm package slp-validate before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. Th...
[M-15] Reentrancy in the BranchPort contract
Lines of code Vulnerability details Impact In a Re-entrancy attack, a malicious contract calls back into the calling contract before the first invocation of the function is finished. This may cause the different invocations of the function to interact in undesirable ways, especially in cases wher...
Users will not receive on Token on Destination chain because the internal _executeWithToken(...) function is not implemented.
Lines of code Vulnerability details Impact Loss of tokens on the Destination chain. Proof of Concept The DestinationBridge.sol contract inherits AxelarExecutable.sol which has the executeWithToken... that's called at the end of executeWithToken... function. The executeWithToken... is not...
Tokens transferred with bridge can get lost if destination transaction can’t be executed
Lines of code Vulnerability details Impact User could lose his tokens if the tx on the destination chain fails/reverts. There is no option to recover the tokens on the source chain. The revert could be caused by the function attachThreshold. This function finds the correspondence between the amount and threshold...
All the funds will be lost if the destination bridge is paused
Lines of code Vulnerability details Impact Destination bridge is pausable, so if for a chain a destination bridge is paused, all the funds being bridged from different source bridges from different chains will be lost. Proof of Concept Destination bridge inherits from the openzeppelin pausable.so...
Vote tokens of voters are not returned.
Lines of code Vulnerability details Impact In the docs and twitter spaces, it was mentioned that the voting tokens will be given back to the voters after the Election has ended. But no logic is implemented anywhere in the repo. This can cause voters to lose their valuable voting tokens which can...
Reentrant Call Vulnerability in ExpressCallHandler Contract
Lines of code Vulnerability details DESCRIPTION The ExpressCallHandler contract contains a potential bug related to handling the express calls. The issue lies in the setExpressReceiveToken and setExpressReceiveTokenWithData functions. Specifically, these functions don't properly handle reentrant...
Some Amount of tokens will be left behind in BYTES 1.0
Lines of code Vulnerability details Impact If a user wants to upgrade all their tokens, they won't be able to do that. Proof of Concept Let's see what is happening function upgradeBytes uint256 amount external if IERC20BYTES1.balanceOfmsg.sender amount revert DoNotHaveEnoughOldBytesamount; During the...
Mint to without check for zero address
Lines of code Vulnerability details Impact Mint to without check for zero address. This can lead to loss of tokens. Proof of Concept Tools Used Recommended Mitigation Steps Add a check to be sure that address to is not empty.
attacker can make stakeRate to be 1 in the StRSR contract and users depositing tokens can lose funds because of the big rounding error
Lines of code Vulnerability details Impact The code calculates the amount of stake token and rsr token based on stakeRate; if stakeRate is near 1e18 the division error is small, but an attacker can cause stakeRate to be 1, which can cause users to lose up to 1e18 tokens during stake and unstake. Proof ...
_safeMint should be used to work with smart contract address
Lines of code Vulnerability details Fix safeMint should be used if you are sending the minted token to a contract, whether or not it is capable of managing NFTs. This is to prevent tokens from being lost. Recommended Mitigation Steps Replace mint with safeMint. Tools Used Manual review
It is possible that, after swapping, extra input token amount is transferred from user to pool but pool does not give user output token amount that corresponds to the extra input token amount
Lines of code Vulnerability details Impact When calling the swap function below, the following swapCallback function is further called for calling the algebraSwapCallback function in the callee contract, which is msg.sender; such contract could be implemented by a third party especially for...
Vesting revoke will disallow receiver from receiving already unlocked tokens
Lines of code Vulnerability details Impact Unfair loss of tokens for the receiver. Proof of Concept Vesting is used by employers to align incentives in startups and prevent employees from leaving the company if they want to get the vested tokens. This is why a revoke function was included. From t...
user fund loss in redeem() of RariMerkleRedeemer, because of division rounding error in previewRedeem() which is used in _redeem() and _multiRedeem()
Lines of code Vulnerability details Impact Because of the division rounding error in calculating the baseToken amount, when users try to redeem, they receive less baseToken for the amount of cToken they transferred to the RariMerkleRedeemer contract. This bug is more critical when cToken is a very...
delegatecall() modify merkleRoot, vault may lose all
Lines of code Vulnerability details Impact If the vault contract delegatecalls the malicious contract via execute, the important variable merkleRoot can be modified. If the merkleRoot is set in a well-designed way, the vault will lose all tokens. Because there are two main requirements for function execute ...
Loss of tokens due to wrong burn function
Lines of code Vulnerability details Impact The redeem function calls burn which is inherited from IERC777Upgradeable contract whose action is to burn ERC20 tokens, thus there is no transfer or withdrawal of asset tokens to a receiver. The redeemToAsset is also affected by this since it calls...
WithdrawTo() needs a zero address check for _to parameter
Lines of code Vulnerability details Impact The withdrawTo function in Booster.sol is missing a zero address check for the to parameter. Tokens would be lost if to is the zero address. Proof of Concept Tools Used Manual review Recommended Mitigation Steps Use require to ensure to is not a zero address. -...
ConvexStakingWrapper._calcRewardIntegral() Has An Accounting Error When Updating reward.remaining
Lines of code Vulnerability details Impact The ConvexStakingWrapper.sol implementation makes several modifications to the original design. One of the key changes is the way rewards are distributed to stakers. A new ConcurRewardPool.sol contract is used to store rewards, allowing users to claim...