vulnerability
O3 bridge aggregators are vulnerable to token theft through callproxy parameter manipulation in exactInputSinglePToken(), allowing attackers to impersonate approved users and steal their funds when they've approved the aggregator with non-MAX amounts. The vulnerability affects all O3 aggregators across 10+ chains, though the team disputed the severity citing their frontend's default MAX approval behavior.
defi
bridge
token-theft
authorization-bypass
smart-contract-vulnerability
uniswap
ethereum
cross-chain
aggregator
approval-vulnerability
access-control
impersonation
bug-bounty
patch
O3
O3EthereumUniswapV3Aggregator
0xDjango
Immunefi
Uniswap V3