Browse all 8 CVE security advisories affecting evmos. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Evmos is an Ethereum-compatible blockchain platform focused on enabling interoperability and scalability for decentralized applications. Historically, the project has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with eight CVEs documented to date. Security concerns have included improper input validation and insecure default configurations that could lead to unauthorized access. While no major security incidents have been widely reported, the consistent pattern of vulnerabilities in smart contracts and node implementations highlights ongoing challenges in maintaining robust security across the ecosystem. Developers are advised to implement strict input sanitization and regular security audits to mitigate potential risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-39696 | Evmos vulnerable to exploit of smart contract account and vesting — evmosCWE-863 | 8.8 | High | 2024-07-05 |
| CVE-2024-37159 | Evmos is missing create validator check — evmosCWE-285 | 3.5 | Low | 2024-06-17 |
| CVE-2024-37158 | Evmos is missing precompile checks — evmosCWE-691 | 3.5 | Low | 2024-06-17 |
| CVE-2024-37154 | Evmos allows unvested token delegations — evmosCWE-285 | 5.3 | Medium | 2024-06-06 |
| CVE-2024-37153 | Evmos's contract balance not updating correctly after interchain transaction — evmosCWE-670 | 7.5 | High | 2024-06-06 |
| CVE-2024-32873 | evmos allows transferring unvested tokens after delegations — evmosCWE-682 | 3.5 | Low | 2024-06-06 |
| CVE-2024-32644 | Evmos' transaction execution not accounting for all state transition after interaction with precompiles — evmosCWE-662 | 9.1 | Critical | 2024-04-19 |
| CVE-2022-35936 | Ethermint DoS through Unintended Contract Selfdestruct — ethermintCWE-668 | 8.2 | High | 2022-08-05 |
This page lists every published CVE security advisory associated with evmos. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.