bug-bounty507
xss286
rce140
bragging-post119
account-takeover104
google99
exploit93
open-source93
csrf85
authentication-bypass81
facebook75
stored-xss74
privilege-escalation74
microsoft72
cve71
access-control68
ai-agents64
web-security63
reflected-xss63
writeup58
input-validation52
ssrf52
sql-injection49
malware49
smart-contract48
defi48
cross-site-scripting47
tool46
ethereum45
privacy45
information-disclosure44
phishing42
api-security41
web-application38
lfi37
llm37
burp-suite36
opinion36
apple35
vulnerability-disclosure35
automation35
cloudflare34
idor33
smart-contract-vulnerability33
responsible-disclosure33
html-injection33
oauth33
web333
infrastructure33
machine-learning32
0
5/10
vulnerability
Vesu disclosed a critical rounding convention vulnerability in the Singleton contract's liquidate_position function that could allow fund theft through malicious pool extensions, flashloans, and receive_as_shares flag manipulation. The vulnerability was remediated by removing the affected liquidation logic, whitelisting pool extensions, and migrating all user funds.
rounding-convention
lending-protocol
smart-contract
liquidation
bug-bounty
responsible-disclosure
defi
cairo
starknet
flashloan-attack
pool-extension
whitelisting
vulnerability-remediation
Vesu
Immunefi
Argent Labs
ChainSecurity
Re7 Labs
Braavos
Alterscope