CVE-2025-25500

Publication date

2025-03-18 00:00:00

Family

mitre

State

PUBLISHED

Description

An issue in CosmWasm prior to v2.2.0 allows attackers to bypass capability restrictions in blockchains by exploiting a lack of runtime capability validation. This allows attackers to deploy a contract without capability enforcement, and execute unauthorized actions on the blockchain.