bug-bounty438
google354
xss345
microsoft282
facebook246
apple172
exploit163
rce160
malware102
account-takeover95
cve91
csrf83
bragging-post80
writeup79
browser77
privilege-escalation68
react60
authentication-bypass57
cloudflare54
dos53
node52
ssrf51
docker51
phishing49
aws48
access-control47
smart-contract45
oauth45
supply-chain44
ethereum43
defi42
web342
sql-injection41
lfi37
idor34
smart-contract-vulnerability32
web-application31
race-condition31
reverse-engineering31
info-disclosure31
clickjacking31
wordpress30
vulnerability-disclosure30
cloud29
burp-suite28
information-disclosure28
solidity27
web-security27
ctf26
responsible-disclosure26
0
8/10
vulnerability
A critical bug in Fringe.fi's lending protocol allows borrowers to withdraw collateral without accruing interest being updated, leaving the protocol in an undercollaterized state. The vulnerability occurs when withdrawing non-maximum amounts, as the accrual field remains stale and isn't counted against the borrower's health factor calculation, enabling attackers to drain the protocol's reserves.
lending-protocol
smart-contract-bug
collateral-management
health-factor-bypass
interest-accrual-bug
compound-fork
protocol-insolvency
undercollaterization
bug-bounty
Fringe.fi
Frax Share
USDC
Compound V2
PIT (Primary Index Token)