Browse all 9 CVE security advisories affecting paritytech. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ParityTech develops blockchain infrastructure and wallet solutions, primarily for the Polkadot ecosystem. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with 9 CVEs documented. Notable security incidents include the 2017 $30 million ether theft from their multi-sig wallet due to a flawed reentrancy check, and a 2021 vulnerability in their Substrate framework that allowed potential privilege escalation. The organization has since implemented formal security processes and bug bounty programs to address these concerns.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-34449 | ink! vulnerable to incorrect decoding of storage value when using `DelegateCall` — inkCWE-754 | 5.3 | Medium | 2023-06-14 |
This page lists every published CVE security advisory associated with paritytech. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.