bug-bounty507
xss286
rce142
bragging-post119
account-takeover104
google100
exploit94
open-source93
csrf85
authentication-bypass80
facebook75
stored-xss74
cve73
microsoft73
privilege-escalation73
access-control67
ai-agents64
reflected-xss63
web-security63
writeup58
ssrf52
input-validation52
malware51
sql-injection49
smart-contract48
defi48
cross-site-scripting47
tool46
ethereum45
privacy45
information-disclosure44
phishing41
api-security41
web-application38
llm37
lfi37
apple36
opinion36
burp-suite36
automation35
vulnerability-disclosure34
cloudflare34
infrastructure33
idor33
oauth33
responsible-disclosure33
smart-contract-vulnerability33
html-injection33
web333
dos32
0
5/10
vulnerability
Vesu disclosed a critical rounding convention vulnerability in the Singleton contract's liquidate_position function that could allow fund theft through malicious pool extensions, flashloans, and receive_as_shares flag manipulation. The vulnerability was remediated by removing the affected liquidation logic, whitelisting pool extensions, and migrating all user funds.
rounding-convention
lending-protocol
smart-contract
liquidation
bug-bounty
responsible-disclosure
defi
cairo
starknet
flashloan-attack
pool-extension
whitelisting
vulnerability-remediation
Vesu
Immunefi
Argent Labs
ChainSecurity
Re7 Labs
Braavos
Alterscope