A critical vulnerability in Axelar Network allowed attackers to force validators to miss votes by crafting transactions with excessive logs that exceed Tendermint's 1MB RPC request limit, leading to automatic Chain Maintainer deregistration and potential halt of cross-chain operations. The vulnerability has been patched via governance proposal 256 disabling the auto-deregistration mechanism.
Researcher disclosed two critical bugs in Sei Network's Cosmos blockchain: (1) an ABCI EndBlocker panic triggered via vesting accounts that would halt the chain, and (2) a balance transfer vulnerability in EVM integration allowing arbitrary fund transfers. Both were caught pre-mainnet and awarded $75k and $2M respectively.
Story Network's postmortem analysis reveals two critical vulnerabilities discovered during mainnet launch. The first issue allowed attackers to create arbitrarily large EVM transaction payloads (>4MB) that would cause validator crashes and network shutdown through JSON marshalling inefficiencies and inadequate block size validation inherited from Octane codebase.