Vyper array negative index vulnerability
Description
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typechecker doesn't throw when spotting the usage of an int as an index for an array. The typechecker allows the usage of signed integers to be used as indexes to arrays. The vulnerability is present in different forms in all versions, including 0.3.10. For ints, the 2's complement representation is used. Because the array was declared very large, the bounds checking will pass Negative values will simply be represented as very large numbers. As of time of publication, a fixed version does not exist.
There are three potential vulnerability classes: unpredictable behavior, accessing inaccessible elements and denial of service. Class 1: If it is possible to index an array with a negative integer without reverting, this is most likely not anticipated by the developer and such accesses can cause unpredictable behavior for the contract. Class 2: If a contract has an invariant in the form assert index < x, the developer will suppose that no elements on indexes y | y >= x are accessible. However, by using negative indexes, this can be bypassed. Class 3: If the index is dependent on the state of the contract, this poses a risk of denial of service. If the state of the contract can be manipulated in such way that the index will be forced to be negative, the array access can always revert (because most likely the array won't be declared extremely large). However, all these the scenarios are highly unlikely. Most likely behavior is a revert on the bounds check.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vyper smart contract language allows signed integer array indices, bypassing bounds checks and potentially causing unexpected behavior.
Vulnerability
Description
The Vyper smart contract language's typechecker allows signed integers (int) to be used as array indices, even though arrays are defined only for unsigned integers. The bounds checking code validates the index against IntegerT.any(), accepting signed types [1][2][4]. When a signed negative integer is used, its two's complement representation is interpreted as a very large unsigned number. If the array is declared large enough (e.g., MAX_UINT256), the negative index passes the bounds check, enabling access to memory outside the intended array range [2].
Exploitation
Prerequisites
Exploitation requires the contract to declare an array with an extremely large size (at least 2^255 elements) and a function that accepts a signed integer index. An attacker can supply a negative value that, after conversion, yields a valid index within the large array bounds. This can lead to reading or writing to unexpected storage slots, bypassing developer assumptions about index ranges [2].
Impact
Three hypothetical impact classes are identified: (1) unpredictable contract behavior due to accessing unintended slots, (2) bypassing invariants like assert index < x by using negative indices that map to large positive values, and (3) denial of service if the index depends on contract state that can be forced negative, causing array access to revert. However, the advisory notes that these scenarios are highly unlikely in practice, and the most likely result is a revert on the bounds check [1].
Mitigation
Status
As of publication, no fixed version of Vyper exists [1][2]. Developers are advised to avoid declaring extremely large arrays and to implement additional index validation in user-facing functions. The vulnerability affects all Vyper versions, including 0.3.10 [1][2].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
vyperPyPI | < 0.4.0 | 0.4.0 |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- github.com/advisories/GHSA-52xq-j7v9-v4v2ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-24563ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/vyper/PYSEC-2024-150.yamlghsaWEB
- github.com/vyperlang/vyper/blob/a1fd228cb9936c3e4bbca6f3ee3fb4426ef45490/vyper/codegen/core.pyghsax_refsource_MISCWEB
- github.com/vyperlang/vyper/blob/c150fc49ee9375a930d177044559b83cb95f7963/vyper/semantics/types/subscriptable.pyghsax_refsource_MISCWEB
- github.com/vyperlang/vyper/security/advisories/GHSA-52xq-j7v9-v4v2ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.