CVE-2018-13186
Description
The mintToken function of a smart contract implementation for MMTCoin (MMT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Integer overflow in MMTCoin (MMT) mintToken function allows owner to arbitrarily set any user's balance.
Vulnerability
The mintToken function in the MMTCoin (MMT) smart contract contains an integer overflow vulnerability [1][2]. This allows the contract owner to mint an arbitrary number of tokens to any address. The vulnerability exists in the token contract as shown in the repository [2].
Exploitation
The attacker must be the owner of the MMTCoin contract. The owner can call mintToken with a large mintedAmount that causes an integer overflow, enabling them to set the balance of any user to an arbitrarily high value [1][2].
Impact
A successful exploit allows the owner to inflate the token supply and assign tokens to any address, potentially devaluing the token or stealing from other users [1][2]. This compromises the integrity and availability of the token.
Mitigation
No official fix has been published. Developers should implement safe math operations, such as using the OpenZeppelin SafeMath library, to prevent integer overflows [1][2]. The contract may be considered vulnerable and should not be used.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.mdmitrex_refsource_MISC
- github.com/BlockChainsSecurity/EtherTokens/tree/master/MMTCoinTokenmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.