bug-bounty622
facebook479
xss316
google174
microsoft120
rce102
apple72
csrf60
web355
account-takeover53
writeup51
exploit43
sqli41
dos36
ssrf34
cve33
cloudflare32
privilege-escalation29
defi28
malware27
node26
smart-contract-vulnerability25
idor25
subdomain-takeover24
clickjacking23
smart-contract23
ethereum23
access-control21
react21
vulnerability-disclosure21
reverse-engineering20
auth-bypass19
aws19
remote-code-execution18
lfi18
cloud17
docker17
cors17
oauth17
supply-chain17
race-condition17
info-disclosure16
browser14
authentication-bypass14
solidity14
phishing14
denial-of-service11
sql-injection11
delegatecall11
wordpress10
0
bug-report
Security researcher Merkle Bonsai documents a hybrid NFT vulnerability in Ocean Protocol where on-chain Data Description Objects (DDOs) can be modified to enable attacks, exploiting the protocol's reliance on modifiable on-chain data structures. The article discusses how these hybrid attacks work and references previous analysis of Ocean Protocol's design vulnerabilities.
ocean-protocol
nft
hybrid-attack
smart-contract
ddo
blockchain
on-chain-data
bug-report
vulnerability-disclosure
Ocean Protocol
Merkle Bonsai
Immunefi
Oasys
Ethereum
Eco
Bandai Namco
DoubleJump.japan