VYPR

crates.io package

soroban-sdk-macros

pkg:cargo/soroban-sdk-macros

Vulnerabilities (1)

  • CVE-2026-26267Feb 19, 2026
    affected >= 25.0.0, < 25.1.1fixed 25.1.1

    soroban-sdk is a Rust SDK for Soroban contracts. Prior to versions 22.0.10, 23.5.2, and 25.1.1, the `#[contractimpl]` macro contains a bug in how it wires up function calls. `#[contractimpl]` generates code that uses `MyContract::value()` style calls even when it's processing the