bug-bounty622
facebook468
xss316
google162
microsoft106
rce105
apple69
csrf61
web354
account-takeover54
writeup51
exploit43
sqli41
cve37
ssrf35
dos33
cloudflare33
malware30
privilege-escalation29
defi28
smart-contract-vulnerability25
node24
idor24
subdomain-takeover24
smart-contract23
clickjacking23
ethereum23
access-control21
vulnerability-disclosure21
browser20
auth-bypass20
lfi19
aws19
remote-code-execution18
docker17
reverse-engineering17
react17
cloud17
oauth16
cors16
race-condition16
info-disclosure15
solidity14
authentication-bypass14
phishing13
supply-chain13
wordpress12
denial-of-service11
delegatecall11
sql-injection11
0
vulnerability
A critical censorship vulnerability was discovered in Optimism's sequencer where the chain ID was not validated before rate limiting, allowing attackers to replay transactions from other chains to indefinitely censor 1.3 million accounts by triggering rate limits. The bug affected major protocols including LayerZero, Aave, Uniswap, and Optimism's own multisig owners, enabling selective account censorship with strategic timing control.
sequencer-vulnerability
rate-limiting-bypass
transaction-censorship
chain-id-validation
layer-2
optimism
dos-attack
eip-155
json-rpc
proxyd
single-point-of-failure
censorship-resistance
replay-attack
nonce-validation
Optimism Labs
Bernard Wagner
iosiro
Optimism Bedrock
LayerZero
Across
Synapse
Hop Bridge
LayerSwap
Aave
Uniswap
Immunefi
Dune Analytics
EIP-155
proxyd