12 matches found
EUVD-2025-29512
Malicious code in bioql PyPI...
GO-2025-3801 Babylon vulnerable to chain halt when a message modifies the validator set at the epoch boundary in github.com/babylonlabs-io/babylon
Babylon vulnerable to chain halt when a message modifies the validator set at the epoch boundary in github.com/babylonlabs-io/babylon...
Denial Of Service (DoS)
github.com/babylonlabs-io/babylon is vulnerable to Denial Of Service (DoS). The vulnerability is due to sending a message that modifies the validator set exactly at the epoch boundary, which allows an attacker to halt the blockchain by disrupting consensus progression...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the validator set modification process at the epoch boundary. An attacker can cause the chain to halt by sending a message that alters the validator set during this critical...
Babylon vulnerable to chain halt when a message modifies the validator set at the epoch boundary
Summary: Sending a message that modifies the validator set at the epoch boundary halts the chain. Impact: Denial of Service - Cosmos-sdk prevents modifying the validator set from two different modules - https://github.com/cosmos/cosmos-sdk/blob/release/v0.50.x/types/module/module.go#L811. Such an...
GHSA-RJ53-J6JW-7F7G Babylon vulnerable to chain halt when a message modifies the validator set at the epoch boundary
Summary: Sending a message that modifies the validator set at the epoch boundary halts the chain. Impact: Denial of Service - Cosmos-sdk prevents modifying the validator set from two different modules - https://github.com/cosmos/cosmos-sdk/blob/release/v0.50.x/types/module/module.go#L811. Such an...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the validator set modification process at the epoch boundary. An attacker can cause the chain to halt by sending a message that alters the validator set during this critical...
PT-2025-30107 · Go · github.com/babylonlabs-io/babylon/v2
Summary: Sending a message that modifies the validator set at the epoch boundary halts the chain. Impact: Denial of Service - Cosmos-sdk prevents modifying the validator set from two different modules - https://github.com/cosmos/cosmos-sdk/blob/release/v0.50.x/types/module/module.go#L811. Such an...
Interchain Security: The signers of ICS messages do not need to match the provider address
Context ICS has the following four messages that enable validators on the provider chain to perform different actions: - MsgOptIn -- adds a validator to the consumer chain’s active set - MsgOptOut -- removes a validator from the consumer chain’s active set - MsgAssignConsumerKey -- changes the...
updateValset() Insufficient validation of new validator set may brick the contract
Lines of code Vulnerability details In Gravity.solupdateValset, while the signatures of the current validators are verified and = powerThreshold is checked, there is one important validation should be done: check the cumulative power of the new validator set to ensure the contract has sufficient...
Large Validator Sets/Rapid Validator Set Updates May Freeze the Bridge or Relayers
Handle nascent Vulnerability details In a similar vein to "Freeze The Bridge Via Large ERC20 Names/Symbols/Denoms", a sufficiently large validator set or sufficiently rapid validator update could cause both the ethoraclemainloop and relayermainloop to fall into a state of perpetual errors. In...
Large ValSets potentially freezes Gravity.sol
Handle nascent Vulnerability details Gas requirements of makeCheckpoint: If the size of the validator set grows large enough during a time of block-size expansion, it may be possible to make the validator set large enough that, when the block size shrinks, the gas required to perform makeCheckpoi...