38 matches found
EUVD-2025-28073
Malicious code in bioql PyPI...
The vulnerability of the Grafana monitoring and observation platform, related to the disclosure of confidential information to unauthorized entities, allows attackers to expose the protected information.
The vulnerability of the Grafana monitoring and observation platform relates to the transfer of authentication tokens to certain target plugins. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information that is protected by the system...
Some tokens may revert when zero value transfers are made
Lines of code 356, 371, 145, 272, 252, 116, 445, 374, 506, 488 https://github.com/Tapioca-DAO/tap-token-audit/blob/59749be5bc2286f0bdbf59d7ddc258ddafd49a9f/contracts/options/TapiocaOptionBroker...
Insecure and Inflexible Forwarder Approval Mechanism (Full Access Grant)
Lines of code Vulnerability details Impact The current implementation of the onlyApprovedForwarder modifier in the Ocean smart contract has several negative impacts: 1. Security Risk: Users are exposed to a significant security risk if their forwarder is compromised. An attacker can exploit full...
Reentrancy in Token Transfers
Lines of code Vulnerability details Impact The mint and burn functions perform ERC20 token transfers without implementing a reentrancy guard. This allows malicious approving contracts to call back into these functions during a transaction and manipulate state. An attacker could steal all approved...
Circumvention of soft staking restrictions in StakedUSDeV2 through indirect ERC20 token transfers
Lines of code Vulnerability details Summary The StakedUSDeV2 in the Ethena protocol is designed to allow users to stake USDe tokens and earn rewards. The protocol includes roles and restrictions to manage the staking process, such as SOFT_RESTRICTED_STAKER_ROLE and FULL_RESTRICTED_STAKER_ROLE. However,...
Restriction Manager does not check the source address
Lines of code Vulnerability details Impact The detectTransferRestriction takes in all the necessary parameters: function detectTransferRestriction(address from, address to, uint256 value) public view returns (uint8). However, it only performs a check on the address to. The restriction used here is...
Potential Loss of Rewards During Token Transfers in StaticATokenLM.sol
Lines of code Vulnerability details Impact This issue could lead to a permanent loss of rewards for the transferer of the token. During the token transfer process, the beforeTokenTransfer function updates rewards for both the sender and the receiver. However, due to the specific call order and th...
[H] Users can lose their funds if the transaction reverts on destination chain
Lines of code Vulnerability details Impact The transmitSendToken function in the contract facilitates cross-chain token transfers. For contracts involving ERC20 tokens it is also expected that, should a contract call fail, one's tokens are not lost/transferred elsewhere. However, the function doe...
LACK OF VALIDATION CHECK COULD LEAD TO WRONG TOKEN TRANSFERS THUS BREAKING THE PROTOCOL
Lines of code Vulnerability details Impact The InterchainTokenService.processSendTokenWithDataPayload function is used to process the received token amount with data at the destination InterchainTokenService contract. The received token amount is transferred to either the expressCaller or the...
Users who call expressReceiveTokenWithData or expressReceiveToken can be griefed into paying fees
Lines of code Vulnerability details Impact A user or service who calls expressReceiveTokenWithData or expressReceiveToken generally waits for an event associated with either callContractWithInterchainToken or sendToken to be emitted on a second chain. When they see this event, they will call...
Not all features of the protocol are used
Lines of code Vulnerability details Impact In the current implementation the protocol won't be as popular as it could be. This is because a lot of transactions use flash loans. In the current implementation a flash loan is impossible, because the user must transfer his funds first. This leads to a small amount...
Callback tokens can cause re-entrancy
Lines of code Vulnerability details Description There are many places in the code where token transfers are in the middle of a function more specifically, both after and before state changes. It is very important not to pass control to untrusted code in these calls, as they could potentially...
Support for fee-on-transfer tokens
Lines of code Vulnerability details Impact The AddressDriver.sol does not support fee-on-transfer tokens. If the asset is a fee-on-transfer token, tokens received from users could be less than the amount specified in the transfer. The protocol could suffer a loss of funds. Proof of Concept function...
All Transfer Hooks have incomplete checks which might lead to transactions reverting
Lines of code Vulnerability details Impact Due to not checking that the ids array and amounts array are the same length, if given two arrays of non-equal length it might lead to incorrect token transfers and unwanted transaction reverts. Proof of Concept According to the EIP specification the ids array...
Upgraded Q -> M from #163 [1671458931869]
Judge has assessed an item in Issue 163 as M risk. The relevant finding follows: TOKEN TRANSFERS DO NOT VERIFY THAT THE TOKENS WERE SUCCESSFULLY TRANSFERRED Some tokens like ZRX do not revert the transaction when the transfer/transferFrom fails and return false, which requires us to check the...
Incompatibility With Rebasing/Deflationary/Inflationary tokens
Lines of code Vulnerability details Impact The Maverick AMM does not appear to support rebasing/deflationary/inflationary tokens whose balance changes during transfers or over time. The necessary checks include at least verifying the amount of tokens transferred to contracts before and after the...
L2ETHBridge.l2TokenAddress returns CONVENTIONAL_ETH_ADDRESS instead of ETH_TOKEN_SYSTEM_CONTRACT_ADDRESS
Lines of code Vulnerability details Impact In the L2ETHBridge contract, both the withdraw and l2TokenAddress functions use CONVENTIONAL_ETH_ADDRESS as the address of the L2ETH. However, L2ETH is actually an L2StandardToken contract at the ETH_TOKEN_SYSTEM_CONTRACT_ADDRESS address. If the user wants to...
Use safeTransferFrom instead of transferFrom()
Lines of code Vulnerability details Impact Although the ERC20 standard suggests that a transfer should return true on success, there are tokens that don't comply with this. Therefore, the transferFrom call might cause silent failures and will affect the token accounting in this contract. Proof of...
[M1] _executeTokenTransfer can succeed without transferring tokens
Lines of code Vulnerability details Impact NFT tokens may not be transferred in execute PoC During compile time AssetType can be either ERC721 or ERC1155 (0 or 1). However, in execution time this value can be more than 1. The internal function _executeTokenTransfer will succeed when AssetType 1...