bug-bounty407
google401
xss352
microsoft314
facebook284
exploit191
apple187
rce176
malware145
cve111
account-takeover96
browser89
csrf86
writeup71
privilege-escalation66
phishing63
dos60
react60
supply-chain57
bragging-post55
authentication-bypass54
node51
cloudflare51
ssrf50
docker48
aws48
access-control46
smart-contract45
reverse-engineering45
web345
ethereum43
oauth42
defi42
pentest41
sql-injection40
idor36
lfi36
info-disclosure35
race-condition34
cloud32
smart-contract-vulnerability32
buffer-overflow31
auth-bypass30
wordpress29
clickjacking29
subdomain-takeover27
solidity27
vulnerability-disclosure25
cors24
web-application24
0
8/10
vulnerability
Two high-severity denial-of-service vulnerabilities discovered in Stargate's LayerZero integration: (1) a Solidity try/catch quirk where calling non-contract addresses bypasses exception handling and permanently freezes message channels, and (2) a gas exhaustion attack leveraging excessive SSTORE operations (22.1k gas per operation) in the catch clause when storing malicious payloads, both capable of blocking bridged message delivery across chains.
layerzero
stargate
cross-chain-bridge
dos-attack
solidity-quirk
gas-exhaustion
try-catch
callback-vulnerabilities
liquidity-protocol
message-ordering
sgreceive
returndata-bomb
sstores
lz-message-delivery
Stargate
LayerZero
ULNv1
MPTValidator
Immunefi
Router
Bridge
Endpoint