2 matches found
402bot (>=0.1.0 <=0.4.0), @0xkinance/x402-anthropic (=0.1.0) +165 more potentially affected by unknown CVE via @x402/svm (>=2.0.0 <=2.5.0)
@x402/svm NPM version =2.0.0, =0.1.0, =0.1.0, =0.3.0, =0.3.0, =0.1.0-alpha.26, =0.1.0-rc.4, =0.1.0, =0.0.0-pr-246-20260515203519, =0.0.1, =0.0.2 - @agenticpay/mcp-server =0.0.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-QR2G-P6Q7-W82M...
Improper Authentication
Overview @x402/svm is a x402 Payment Protocol SVM Implementation Affected versions of this package are vulnerable to Improper Authentication in facilitator payment processing on Solana. An attacker can interfere with or manipulate payment transactions by exploiting a race condition. Remediation...