PT-2026-25884 · Go · @X402/Svm+2

Published

2026-03-07

·

Updated

2026-03-07

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Impact

A security vulnerability exists in outdated versions of the x402 SDK.
This vulnerability does not affect users' private keys, smart contracts, or funds.
The issue impacts resource servers accepting payments on Solana when the facilitator is running a vulnerable version of the x402 SDK.

Who Should Take Action

Facilitators that process payments on Solana must upgrade the x402 SDK to the patched versions listed below.
Clients are not required to upgrade.
Resource servers are not required to upgrade unless they operate their own facilitator (self-facilitate).

Patches

Please update to the following package versions:
  • Npm: @x402/svm >= 2.6.0
  • Pypi: x402 >= 2.3.0
  • Go: x402 >= 2.5.0
Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

GHSA-QR2G-P6Q7-W82M

Affected Products

@X402/Svm
Github.Com/Coinbase/X402/Go
X402