CVE-2025-54070 | OpenZeppelin openzeppelin-contracts up to 5.3.x Bytes.sol lastIndexOf Pos out-of-bounds

A vulnerability was found in OpenZeppelin openzeppelin-contracts up to 5.3.x. It has been rated as problematic. This issue affects the function lastIndexOf in the library Bytes.sol. The manipulation of the argument Pos leads to out-of-bounds read.

The identification of this vulnerability is CVE-2025-54070. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More