
CVE-2025-27611: CWE-1007: Insufficient Visual Distinction of Homoglyphs Presented to User in cryptocoinjs base-x

Severity: High
Tags: Vulnerability, CVE-2025-27611, CWE-1007
Published: Wed Apr 30 2025 (04/30/2025, 19:36:57 UTC)
Source: CVE
Vendor/Project: cryptocoinjs
Product: base-x

Description

base-x is a base encoder and decoder of any given alphabet using bitcoin style leading zero compression. Versions 4.0.0, 5.0.0, and all prior to 3.0.11, are vulnerable to attackers potentially deceiving users into sending funds to an unintended address. This issue has been patched in versions 3.0.11, 4.0.1, and 5.0.1.

AI-Powered Analysis

Last updated: 06/25/2025, 21:16:11 UTC

Technical Analysis

CVE-2025-27611 is a high-severity vulnerability in the cryptocoinjs base-x library, a widely used base encoder and decoder that supports arbitrary alphabets with bitcoin-style leading zero compression. The vulnerability is classified under CWE-1007, insufficient visual distinction of homoglyphs presented to users. Homoglyphs are characters that look similar or identical but are different Unicode code points. In the context of base-x, this flaw allows attackers to craft encoded strings (such as cryptocurrency addresses) that visually resemble legitimate addresses but differ in their underlying characters, deceiving users into sending funds to unintended addresses and causing financial loss.

The affected versions are all versions prior to 3.0.11, version 4.0.0, and version 5.0.0. The issue has been patched in versions 3.0.11, 4.0.1, and 5.0.1. The CVSS 4.0 base score is 8.7 (high), reflecting the network attack vector, low attack complexity, no privileges or user interaction required, and a high impact on integrity due to the potential misdirection of funds. There is no impact on confidentiality or availability. No exploits in the wild are currently reported.

The vulnerability arises because the base-x library does not sufficiently differentiate visually similar characters in encoded outputs, so an attacker can substitute homoglyphs that look identical to legitimate characters and trick users or systems that rely on visual inspection to verify addresses or encoded data. This is particularly critical in cryptocurrency transactions, where address accuracy is paramount and transfers are irreversible. Any application or service that uses a vulnerable version of base-x to encode or decode cryptocurrency addresses or similar data is affected, which potentially includes wallets, exchanges, payment processors, and other blockchain-related infrastructure.

Potential Impact

For European organizations, especially those involved in cryptocurrency exchange, wallet services, blockchain infrastructure, and financial technology, this vulnerability poses a significant risk of financial fraud and theft. Attackers exploiting homoglyph confusion can redirect cryptocurrency payments to attacker-controlled addresses without detection by end users or by automated systems that rely on visual verification. This undermines trust in digital asset transactions and can lead to substantial monetary losses. The impact extends to customer confidence and regulatory compliance, as financial institutions must ensure secure transaction processing. Organizations that integrate base-x in broader software stacks may also inadvertently expose themselves to supply chain risks.

Given the irreversible nature of cryptocurrency transactions, recovery from such attacks is difficult. The lack of required authentication or user interaction for exploitation increases the threat surface. Although no exploits are currently known in the wild, the high CVSS score and the nature of the vulnerability suggest that attackers could build effective phishing or social engineering campaigns around homoglyph confusion. This vulnerability could also facilitate sophisticated fraud schemes targeting European users, potentially affecting cross-border transactions and complicating incident response and legal recourse.

Mitigation Recommendations

European organizations should immediately audit their software dependencies to identify usage of the base-x library, especially versions prior to 3.0.11, 4.0.0, and 5.0.0. Upgrading to patched versions 3.0.11, 4.0.1, or 5.0.1 is critical to eliminate the vulnerability. Beyond patching, organizations should implement additional controls such as:

1) Employing address validation tools that normalize and detect homoglyph substitutions, flagging suspicious addresses before transaction approval.
2) Enhancing user interfaces to display addresses in multiple formats (e.g., QR codes, checksums, or fingerprint hashes) to reduce reliance on visual inspection alone.
3) Training staff and users to recognize homoglyph risks and encouraging verification through out-of-band methods.
4) Integrating automated transaction monitoring systems that detect anomalous payment destinations or patterns indicative of homoglyph attacks.
5) Collaborating with software vendors and open-source communities to promote best practices in encoding libraries to prevent homoglyph confusion.
6) For critical systems, implementing multi-factor verification steps for cryptocurrency transactions to prevent unauthorized fund redirection.

These measures, combined with timely patching, will significantly reduce the risk posed by this vulnerability.
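The alphabet-membership check behind recommendation 1, as an added example that is not part of this advisory or of the base-x project's own code: it walks a candidate Bitcoin-alphabet base58 string code point by code point before any decoding happens, reports the first character outside the alphabet together with the alphabet character it resembles, and wraps a minimal strict base58 encoder and decoder so a rejected string never reaches a transaction path. The confusable table (a small illustrative subset of Cyrillic look-alikes, supplemented by NFKC compatibility folding for fullwidth digits and similar forms) and the sample strings are constructed for this example; the function names are hypothetical.

```javascript
// Strict pre-validation for Bitcoin-alphabet base58 strings (added example).
const BASE58_ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';

// Constructed, illustrative subset: Unicode letters that render like an
// alphabet character but are distinct code points. NFKC does not fold these,
// so they need an explicit table.
const CONFUSABLES = new Map([
  ['\u0410', 'A'], ['\u0412', 'B'], ['\u0421', 'C'], ['\u0415', 'E'],
  ['\u041D', 'H'], ['\u041A', 'K'], ['\u041C', 'M'], ['\u0420', 'P'],
  ['\u0422', 'T'], ['\u0425', 'X'], ['\u0430', 'a'], ['\u0435', 'e'],
  ['\u043E', 'o'], ['\u0440', 'p'], ['\u0441', 'c'], ['\u0445', 'x'],
]);

// Returns { ok: true } or a report on the first offending character.
function validateBase58(input) {
  const chars = Array.from(input); // iterate by code point, not UTF-16 unit
  if (chars.length === 0) return { ok: false, position: 0, reason: 'empty string' };
  for (let i = 0; i < chars.length; i++) {
    const ch = chars[i];
    if (BASE58_ALPHABET.includes(ch)) continue;
    // Compatibility forms (fullwidth digits, etc.) fold to ASCII under NFKC.
    const nfkc = ch.normalize('NFKC');
    const lookalike = CONFUSABLES.get(ch) ||
      (nfkc !== ch && nfkc.length === 1 && BASE58_ALPHABET.includes(nfkc) ? nfkc : null);
    return {
      ok: false,
      position: i,
      char: ch,
      codePoint: 'U+' + ch.codePointAt(0).toString(16).toUpperCase().padStart(4, '0'),
      lookalike,
      reason: lookalike ? `homoglyph of '${lookalike}'` : 'not in alphabet',
    };
  }
  return { ok: true };
}

// Minimal base58 encoder with bitcoin-style leading zero compression:
// each leading 0x00 byte becomes a leading '1'.
function encodeBase58(bytes) {
  let num = 0n;
  for (const b of bytes) num = (num << 8n) | BigInt(b);
  let out = '';
  while (num > 0n) {
    out = BASE58_ALPHABET[Number(num % 58n)] + out;
    num /= 58n;
  }
  let leading = 0;
  for (const b of bytes) {
    if (b !== 0) break;
    leading++;
  }
  return '1'.repeat(leading) + out;
}

// Decoder that refuses any string failing validateBase58 before touching it.
function decodeBase58Strict(str) {
  const check = validateBase58(str);
  if (!check.ok) {
    throw new Error(`rejected at index ${check.position}: ${check.reason}`);
  }
  let num = 0n;
  for (const ch of str) num = num * 58n + BigInt(BASE58_ALPHABET.indexOf(ch));
  const tail = [];
  while (num > 0n) {
    tail.unshift(Number(num & 0xffn));
    num >>= 8n;
  }
  let leading = 0;
  for (const ch of str) {
    if (ch !== '1') break;
    leading++;
  }
  return Uint8Array.from([...new Array(leading).fill(0), ...tail]);
}

// Demo on constructed input: ASCII "1A" passes, "1" + Cyrillic A is flagged.
console.log(validateBase58('1A'));
console.log(validateBase58('1\u0410'));
```

Run the validator on the raw string exactly as received from the user, clipboard, or QR decoder, before any trimming or normalization, so the report points at the character the user actually saw; normalizing first would silently turn a suspicious fullwidth digit into a valid one.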


Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2025-03-03T15:10:34.079Z
Cisa Enriched: true
Cvss Version: 4.0
State: PUBLISHED

Threat ID: 682d9838c4522896dcbec652

Added to database: 5/21/2025, 9:09:12 AM

Last enriched: 6/25/2025, 9:16:11 PM

Last updated: 8/17/2025, 7:22:01 AM

Views: 17
