Stellar Rs-soroban-sdk
3 CVEs affecting Stellar Rs-soroban-sdk. Latest disclosed: 2026-03-12. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-26267 | High | 7.5 | 2026-02-19 | soroban-sdk is a Rust SDK for Soroban contracts. Prior to versions 22.0.10, 23.5.2, and 25.1.1, the `#[contractimpl]` macro contains a bug in how it wires up f… |
CVE-2026-32322 | Medium | 5.3 | 2026-03-12 | soroban-sdk is a Rust SDK for Soroban contracts. Prior to 22.0.11, 23.5.3, and 25.3.0, The Fr (scalar field) types for BN254 and BLS12-381 in soroban-sdk compa… |
CVE-2026-24889 | Medium | 5.3 | 2026-01-28 | soroban-sdk is a Rust SDK for Soroban contracts. Arithmetic overflow can be triggered in the `Bytes::slice`, `Vec::slice`, and `Prng::gen_range` (for `u64`) me… |