amm-oracle

1 article

sort: new top best

bug-bounty496 xss255 rce132 bragging-post119 google109 account-takeover107 authentication-bypass94 privilege-escalation92 open-source92 facebook86 csrf83 malware83 microsoft76 access-control75 stored-xss75 ai-agents67 web-security64 reflected-xss63 exploit62 phishing59 cve55 information-disclosure52 input-validation52 sql-injection51 smart-contract49 defi48 cross-site-scripting48 privacy47 tool46 ethereum46 reverse-engineering45 ssrf44 api-security44 vulnerability-disclosure40 web-application38 ai-security38 burp-suite37 opinion37 llm37 dos36 writeup36 apple36 automation35 responsible-disclosure35 cloudflare34 remote-code-execution33 web333 infrastructure33 html-injection33 smart-contract-vulnerability33

0 7/10

Enzyme

bug-bounty

Enzyme Finance had a critical price oracle manipulation vulnerability in Idle token pricing where flashloans could manipulate the totalSupply used in price calculations (totalNav/totalSupply). Researcher setuid0 discovered and reported the bug with a working PoC, earning a $90,000 bounty.

price-oracle-manipulation flashloan-attack defi-security smart-contract-vulnerability idle-finance enzyme-finance bug-bounty vulnerability-disclosure on-chain-oracle amm-oracle

Enzyme Finance Immunefi setuid0 SSLab Georgia Tech IdleTokenGovernance.sol IdlePriceFeed.sol ComptrollerLib.sol VaultInterpreter.sol IDerivativePriceFeed.sol Aave Uniswap Sushiswap PancakeSwap Curve Bancor Balancer Chainlink

medium.com · unknown · 17 hours ago · details