CVE-2025-25962

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Coresmartcontracts Uniswap versions 3.0 through 3.0

Description The issue allows a remote attacker to escalate privileges via the modifyPosition function. This enables the attacker to gain elevated access, potentially leading to further exploitation.

Recommendations For Coresmartcontracts Uniswap version 3.0, update to version 4.0 to resolve the issue. As a temporary workaround, consider restricting access to the modifyPosition function until the update can be applied.

Exploit

Fix

LPE

Improper Access Control

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-269

Related Identifiers

CVE-2025-25962

Affected Products

Coresmartcontracts Uniswap

CVE-2025-25962

Weakness Enumeration

Related Identifiers

Affected Products

References · 7