bug-bounty507
xss286
rce140
bragging-post119
account-takeover104
google99
exploit93
open-source93
csrf85
authentication-bypass81
facebook75
stored-xss74
privilege-escalation74
microsoft72
cve71
access-control68
ai-agents64
web-security63
reflected-xss63
writeup58
input-validation52
ssrf52
sql-injection49
malware49
smart-contract48
defi48
cross-site-scripting47
tool46
ethereum45
privacy45
information-disclosure44
phishing42
api-security41
web-application38
lfi37
llm37
burp-suite36
opinion36
apple35
vulnerability-disclosure35
automation35
cloudflare34
idor33
smart-contract-vulnerability33
responsible-disclosure33
html-injection33
oauth33
web333
infrastructure33
machine-learning32
0
5/10
bug-bounty
A researcher discovered a critical $150,000 Evmos vulnerability by simply reading Cosmos documentation—sending funds to the distribution module account (which should be blocklisted) triggered invariant violations that halted the entire blockchain and all dependent dApps.
cosmos-blockchain
evmos
module-accounts
invariant-breaking
fund-transfer
denial-of-service
blockchain-halting
bug-bounty
web3-security
golang
bragging-post
Evmos
Cosmos
Immunefi
jayjonah.eth
x/bank module
distribution module