Ensdomains Ens-Contracts vulnerabilities

CVE-2026-22866 [LOW] CWE-347 CVE-2026-22866: Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethere Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethereum blockchain. In versions 1.6.2 and prior, the `RSASHA256Algorithm` and `RSASHA1Algorithm` contracts fail to validate PKCS#1 v1.5 padding structure when verifying RSA signatures. The contracts only check if the last 32 (or 20) bytes of the decrypted sig

CVE-2023-38698 [MEDIUM] CWE-190 CVE-2023-38698: Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethere Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethereum blockchain. According to the documentation, controllers are allowed to register new domains and extend the expiry of existing domains, but they cannot change the ownership or reduce the expiration time of existing domains. However, a preliminary an