bug-bounty497
google318
xss300
microsoft262
facebook230
rce194
exploit166
apple155
malware144
cve131
account-takeover113
bragging-post110
privilege-escalation88
csrf86
authentication-bypass71
stored-xss66
writeup62
phishing62
browser59
reflected-xss59
dos59
supply-chain57
access-control52
reverse-engineering50
input-validation49
web-security49
react49
cloudflare48
defi48
ssrf48
smart-contract47
cross-site-scripting46
open-source46
oauth44
ethereum44
sql-injection43
lfi43
aws41
web340
node39
docker38
web-application38
race-condition37
ctf37
api-security36
burp-suite36
ai-agents35
pentest35
info-disclosure35
buffer-overflow33
0
7/10
vulnerability
A round-down vulnerability in Astroport's Staking.rs contract allows attackers to mint zero xASTRO tokens by exploiting the absence of minimum liquidity requirements, breaking staking functionality and enabling governance control through voting power monopolization. The fix involves implementing a MINIMUM_LIQUIDITY constraint similar to Uniswap V2.
smart-contract-vulnerability
round-down-bug
token-inflation
governance-attack
defi
staking-vulnerability
dos-denial-of-service
minimum-liquidity
voting-power-manipulation
astroport
Astroport
ChainLight
SunSec
Immunefi
xASTRO
ASTRO
Staking.rs
Uniswap V2
0
6/10
bug-bounty
A critical vulnerability in Q Blockchain's voting mechanism allows attackers to manipulate voting power through improper handling of voting weight delegation and locking logic, particularly in the VotingWeightProxy contract's interaction with voting delegation. The bug was discovered during a bug bounty hunt and rewarded $50,000.
smart-contract-vulnerability
voting-mechanism
reentrancy
logic-bug
blockchain
ethereum
q-blockchain
bug-bounty
voting-power-manipulation
Q Blockchain
Immunefi
RootsVoting.sol
VotingWeightProxy
IVoting