bug-bounty507
xss286
rce138
bragging-post119
account-takeover104
google98
open-source93
exploit92
csrf85
authentication-bypass82
privilege-escalation76
stored-xss74
facebook74
cve70
microsoft69
access-control68
ai-agents64
reflected-xss63
web-security63
writeup58
ssrf52
input-validation52
sql-injection49
smart-contract48
defi48
cross-site-scripting47
malware47
tool46
privacy45
ethereum45
information-disclosure44
phishing41
api-security41
web-application38
lfi37
llm37
vulnerability-disclosure36
opinion36
burp-suite36
automation35
apple35
cloudflare34
infrastructure33
idor33
oauth33
responsible-disclosure33
smart-contract-vulnerability33
web333
html-injection33
machine-learning32
0
5/10
bug-bounty
A researcher discovered a critical $150,000 Evmos vulnerability by simply reading Cosmos documentation—sending funds to the distribution module account (which should be blocklisted) triggered invariant violations that halted the entire blockchain and all dependent dApps.
cosmos-blockchain
evmos
module-accounts
invariant-breaking
fund-transfer
denial-of-service
blockchain-halting
bug-bounty
web3-security
golang
bragging-post
Evmos
Cosmos
Immunefi
jayjonah.eth
x/bank module
distribution module