High severity7.5NVD Advisory· Published Feb 13, 2026· Updated Apr 15, 2026
CVE-2025-70955
CVE-2025-70955
Description
A Stack Overflow vulnerability was discovered in the TON Virtual Machine (TVM) before v2024.10. The vulnerability stems from the improper handling of vmstate and continuation jump instructions, which allow for continuous dynamic tail calls. An attacker can exploit this by crafting a smart contract with deeply nested jump logic. Even within permissible gas limits, this nested execution exhausts the host process's stack space, causing the validator node to crash. This results in a Denial of Service (DoS) for the TON blockchain network.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <v2024.10
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.