VYPR

Trust Wallet Core

by Binance

Source repositories

CVEs (2)

  • CVE-2024-23660HigFeb 8, 2024
    risk 0.49cvss 7.5epss 0.01

    The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic words for which the device time is the only entropy source, leading to economic losses, as exploited in…

  • CVE-2025-66692Jan 20, 2026
    risk 0.00cvss epss 0.00

    A buffer over-read in the PublicKey::verify() method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service (DoS) via a crafted input.