diff --git a/solidity-auditor/references/attack-vectors/attack-vectors-1.md b/solidity-auditor/references/attack-vectors/attack-vectors-1.md index 2f50536..1f78efc 100644 --- a/solidity-auditor/references/attack-vectors/attack-vectors-1.md +++ b/solidity-auditor/references/attack-vectors/attack-vectors-1.md @@ -1,6 +1,6 @@ # Attack Vectors Reference (1/4) -170 total attack vectors +171 total attack vectors --- diff --git a/solidity-auditor/references/attack-vectors/attack-vectors-2.md b/solidity-auditor/references/attack-vectors/attack-vectors-2.md index cb36d20..a01c55c 100644 --- a/solidity-auditor/references/attack-vectors/attack-vectors-2.md +++ b/solidity-auditor/references/attack-vectors/attack-vectors-2.md @@ -1,6 +1,6 @@ # Attack Vectors Reference (2/4) -170 total attack vectors +171 total attack vectors --- diff --git a/solidity-auditor/references/attack-vectors/attack-vectors-3.md b/solidity-auditor/references/attack-vectors/attack-vectors-3.md index 51ac5e2..d7cee2a 100644 --- a/solidity-auditor/references/attack-vectors/attack-vectors-3.md +++ b/solidity-auditor/references/attack-vectors/attack-vectors-3.md @@ -1,6 +1,6 @@ # Attack Vectors Reference (3/4) -170 total attack vectors +171 total attack vectors --- diff --git a/solidity-auditor/references/attack-vectors/attack-vectors-4.md b/solidity-auditor/references/attack-vectors/attack-vectors-4.md index ac5be21..60aeca4 100644 --- a/solidity-auditor/references/attack-vectors/attack-vectors-4.md +++ b/solidity-auditor/references/attack-vectors/attack-vectors-4.md @@ -1,6 +1,6 @@ # Attack Vectors Reference (4/4) -170 total attack vectors +171 total attack vectors --- 
@@ -239,3 +239,12 @@ - **D:** Contract hashes raw calldata for uniqueness (`processedHashes[keccak256(msg.data)]`). Dynamic-type ABI encoding uses offset pointers — multiple distinct calldata layouts decode to identical values. Attacker bypasses dedup with semantically equivalent but bytewise-different calldata. - **FP:** Uniqueness check hashes decoded parameters: `keccak256(abi.encode(decodedParams))`. Nonce-based replay protection. Only fixed-size types in signature (no encoding ambiguity). + +--- + +--- + +**171. Short Address/Parameter Attack** + +- **D:** External applications or exchanges pass short parameters (e.g., 19-byte address instead of 20) during contract interaction. The EVM pads the missing bytes with trailing zeros, potentially multiplying the subsequent `amount` parameter. +- **FP:** Input validation exists within the off-chain system, or contract explicitly verifies `msg.data.length` against the expected parameter size.
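Review bot: In the `@@ -239,3 +239,12 @@` hunk, the first FP condition for entry 171 ("Input validation exists within the off-chain system") cannot be established from the contract under audit, so it lets the vector be dismissed without evidence in the code. Consider limiting the FP line to what is checkable on-chain, i.e. the `msg.data.length` check it already names, or requiring the off-chain validation to be documented and in scope. The D line also names no contract-side pattern to match, whereas the preceding entry quotes one (`processedHashes[keccak256(msg.data)]`). Describing the function shape that is exposed (an address parameter followed by `amount`, with no length check) would make the entry easier to apply. The hunk also adds two consecutive `---` rules before the `**171. ...**` heading, and one is enough.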
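Review bot: The `171 total attack vectors` line in the `@@ -1,6 +1,6 @@` hunks is bumped by hand in all four headers (`attack-vectors-1.md` through `attack-vectors-4.md`), so every new entry needs four matching edits that can drift apart. Consider stating the total in one place, or adding a check that compares the header count with the number of numbered entries.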