VYPR

Ton

by Ton Blockchain

Source repositories

CVEs (4)

  • CVE-2025-70957HigFeb 13, 2026
    risk 0.42cvss 7.5epss 0.00

    A Denial of Service (DoS) vulnerability was discovered in the TON Lite Server before v2024.09. The vulnerability arises from the handling of external arguments passed to locally executed "get methods." An attacker can inject a constructed Continuation object (an internal TVM…

  • CVE-2025-70956HigFeb 13, 2026
    risk 0.42cvss 7.5epss 0.00

    A State Pollution vulnerability was discovered in the TON Virtual Machine (TVM) before v2025.04. The issue exists in the RUNVM instruction logic (VmState::run_child_vm), which is responsible for initializing child virtual machines. The operation moves critical resources…

  • CVE-2025-70955HigFeb 13, 2026
    risk 0.42cvss 7.5epss 0.01

    A Stack Overflow vulnerability was discovered in the TON Virtual Machine (TVM) before v2024.10. The vulnerability stems from the improper handling of vmstate and continuation jump instructions, which allow for continuous dynamic tail calls. An attacker can exploit this by…

  • CVE-2025-70954HigFeb 13, 2026
    risk 0.42cvss 7.5epss 0.01

    A Null Pointer Dereference vulnerability exists in the TON Virtual Machine (TVM) within the TON Blockchain before v2025.06. The issue is located in the execution logic of the INMSGPARAM instruction, where the program fails to validate if a specific pointer is null before…