Medium severity6.5NVD Advisory· Published Jun 28, 2024· Updated Apr 15, 2026

CVE-2024-38533

Description

ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. There is possible invalid stack access due to the addresses used to access the stack not properly being converted to cells. This issue has been patched in version 1.5.0.

Patches

0ad30796d7a9

https://github.com/matter-labs/era-compiler-vypervia osv

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/matter-labs/era-compiler-vyper/security/advisories/GHSA-q7pg-6jh9-87gvnvd

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000