According to PANews, BitsLab's security team, TonBit, recently identified a null pointer dereference vulnerability in the INMSGPARAM instruction of the TON Virtual Machine (TVM) version 2025.04. This flaw could allow attackers to crash the virtual machine by crafting specific message parameters. TonBit proactively reported the issue, leading to its resolution and acknowledgment by the official team before the launch of TVM11. The vulnerability originated from the as_tuple() function, which lacked null pointer validation. TonBit has emphasized its commitment to enhancing TVM security measures to ensure the stability of contract execution on the blockchain.