87 matches found
CVE-2026-34064
nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is...
CVE-2026-34064
The CVE-2026-34064 issue affects Nimiq-account’s VestingContract in the Rust implementation. Before v1.3.0, VestingContract::can_change_balance can produce AccountError::InsufficientFunds and builds the error with balance = self.balance - min_cap; if min_cap > balance, Coin::sub underflows and...
CVE-2026-34064 nimiq-account: Vesting insufficient funds error can panic
nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is...
CVE-2026-34064 nimiq-account: Vesting insufficient funds error can panic
nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is...
CVE-2026-34064
nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is...
GHSA-VC34-39Q2-M6Q3 nimiq-account: Vesting insufficient funds error can panic
Impact VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is attacker-reachable because the vesting contract creation data 32-byte format allows encoding totalamount...
nimiq-account: Vesting insufficient funds error can panic
Impact VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is attacker-reachable because the vesting contract creation data 32-byte format allows encoding totalamount...
PT-2026-34545
Impact VestingContract::can change balance returns AccountError::InsufficientFunds when new balance balance, the node crashes while trying to return an error. The min cap balance precondition is attacker-reachable because the vesting contract creation data 32-byte format allows encoding total...
CVE-2026-28410
The Graph is an indexing protocol for querying networks like Ethereum, IPFS, Polygon, and other blockchains. Prior to version 3.0.0, a flaw in the token vesting contracts allows users to access tokens that should still be locked according to their vesting schedule. This issue has been patched in...
CVE-2026-28410
The Graph is an indexing protocol for querying networks like Ethereum, IPFS, Polygon, and other blockchains. Prior to version 3.0.0, a flaw in the token vesting contracts allows users to access tokens that should still be locked according to their vesting schedule. This issue has been patched in...
CVE-2026-28410
The Graph is an indexing protocol for querying networks like Ethereum, IPFS, Polygon, and other blockchains. Prior to version 3.0.0, a flaw in the token vesting contracts allows users to access tokens that should still be locked according to their vesting schedule. This issue has been patched in...
EUVD-2026-9871
The Graph is an indexing protocol for querying networks like Ethereum, IPFS, Polygon, and other blockchains. Prior to version 3.0.0, a flaw in the token vesting contracts allows users to access tokens that should still be locked according to their vesting schedule. This issue has been patched in...
CVE-2026-28410 The Graph: Revocable vesting contracts allows early access to locked tokens
The Graph is an indexing protocol for querying networks like Ethereum, IPFS, Polygon, and other blockchains. Prior to version 3.0.0, a flaw in the token vesting contracts allows users to access tokens that should still be locked according to their vesting schedule. This issue has been patched in...
CVE-2026-28410
The Graph (pre-3.0.0) had a flaw in token vesting contracts that could allow users to access tokens still locked by the vesting schedule. The issue is resolved in version 3.0.0. The CVSS metrics indicate NETWORK access with low complexity and no user interaction, resulting in a medium base score....
CVE-2026-28410 The Graph: Revocable vesting contracts allows early access to locked tokens
The Graph is an indexing protocol for querying networks like Ethereum, IPFS, Polygon, and other blockchains. Prior to version 3.0.0, a flaw in the token vesting contracts allows users to access tokens that should still be locked according to their vesting schedule. This issue has been patched in...
CVE-2026-28410 The Graph: Revocable vesting contracts allows early access to locked tokens
The Graph is an indexing protocol for querying networks like Ethereum, IPFS, Polygon, and other blockchains. Prior to version 3.0.0, a flaw in the token vesting contracts allows users to access tokens that should still be locked according to their vesting schedule. This issue has been patched in...
PT-2026-23505
Name of the Vulnerable Software and Affected Versions The Graph versions prior to 3.0.0 Description A flaw exists in the token vesting contracts of The Graph protocol. This issue allows users to access tokens before they are released according to their vesting schedule. The problem was addressed...
CVE-2024-39696
Evmos is a decentralized Ethereum Virtual Machine chain on the Cosmos Network. Prior to version 19.0.0, a user can create a vesting account with a 3rd party account EOA or contract as funder. Then, this user can create an authorization for the contract.CallerAddress, this is the authorization...
EUVD-2024-2400
Malicious code in bioql PyPI...
EUVD-2024-1962
Malicious code in bioql PyPI...