bug-bounty622
facebook479
xss316
google174
microsoft120
rce102
apple72
csrf60
web355
account-takeover53
writeup51
exploit43
sqli41
dos36
ssrf34
cve33
cloudflare32
privilege-escalation29
defi28
malware27
node26
smart-contract-vulnerability25
idor25
subdomain-takeover24
clickjacking23
smart-contract23
ethereum23
access-control21
react21
vulnerability-disclosure21
reverse-engineering20
auth-bypass19
aws19
remote-code-execution18
lfi18
cloud17
docker17
cors17
oauth17
supply-chain17
race-condition17
info-disclosure16
browser14
authentication-bypass14
solidity14
phishing14
denial-of-service11
sql-injection11
delegatecall11
wordpress10
0
vulnerability
Two high-severity Denial of Service vulnerabilities discovered in Stargate, LayerZero's liquidity layer: Bug #1 exploits a Solidity quirk where try/catch statements revert when calling non-contract addresses, allowing attackers to permanently freeze message channels by targeting non-existent contracts with swap payloads; Bug #2 abuses SSTORE gas costs to create payloads exceeding the 175k gas budget allocated for cross-chain message delivery, causing out-of-gas reverts that block the entire bridge channel.
layerzero
stargate
cross-chain
dos-attack
solidity-vulnerability
bridge-security
gas-attack
callback-vulnerability
smart-contract
liquidity-layer
try-catch-vulnerability
returndata-bomb
sstore-gas-abuse
message-ordering
lz-endpoint
Stargate
LayerZero
ULNv1
MPTValidator
Immunefi
Router
Bridge
sgReceive()
lzReceive()