VYPR

crates.io package

soroban-fixed-point-math

pkg:cargo/soroban-fixed-point-math

Vulnerabilities (1)

  • CVE-2026-24783Jan 27, 2026
    affected >= 1.4.0, < 1.4.1fixed 1.4.1

    soroban-fixed-point-math is a fixed-point math library for Soroban smart contacts. In versions 1.3.0 and 1.4.0, the `mulDiv(x, y, z)` function incorrectly handled cases where both the intermediate product $x * y$ and the divisor $z$ were negative. The logic assumed that if the in