vulnerability
A critical censorship vulnerability was discovered in Optimism's sequencer: the chain ID was not validated before rate limiting, so attackers could replay transactions from other chains to trigger rate limits and indefinitely censor 1.3 million accounts. The bug affected major protocols including LayerZero, Aave, Uniswap, and Optimism's own multisig owners, and allowed selective censorship of accounts with strategic control over timing.
sequencer-vulnerability
rate-limiting-bypass
transaction-censorship
chain-id-validation
layer-2
optimism
dos-attack
eip-155
json-rpc
proxyd
single-point-of-failure
censorship-resistance
replay-attack
nonce-validation
Optimism Labs
Bernard Wagner
iosiro
Optimism Bedrock
LayerZero
Across
Synapse
Hop Bridge
LayerSwap
Aave
Uniswap
Immunefi
Dune Analytics
EIP-155
proxyd