CVE-2025-25500

Published: 2025-03-18T14:15Z

Last Modified: 2025-03-21T17:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An issue in CosmWasm prior to v2.2.0 allows attackers to bypass capability restrictions in blockchains by exploiting a lack of runtime capability validation. This allows attackers to deploy a contract without capability enforcement, and execute unauthorized actions on the blockchain. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt