Lido – Node Operator can exit and slash their validator to move withdrawal finalization border epoch Bypassing the border epoch as determined by the mass slashing event. Vulnerability Details During a mass slashing event, the withdrawal queue may delay finalization […]
Lido – Uncaught exception on creating ejection report The report generation cannot be completed and submitted due to this bug. Vulnerability Details The get_remaining_forced_validators function is designed to remove validators that are […]
Othentic – Invalid EigenLayer reward submission The standard rewards distribution process (as recommended by the CLI) fails, resulting in gas loss for the AVS manager. Vulnerability Details The OperatorDirectedRewardsSubmission struct […]
Othentic – Uncleared claims Operators face the risk of losing rewards on the default L2 and also jeopardizesubsequent rewards on the non-default L2. Vulnerability Details The AVSGovernance contract […]
Othentic – Permanent revert on rewards submission Permanent blockage in the rewards distribution process. Vulnerability Details In the AVSGovernance contract, when processing a payment request from the AttestationCenter contract, the function […]
YieldNest – Invalid decimals used to calculate totalAssets The primary outcome of this vulnerability is that the totalAssets variable will be inaccurately calculated, leading to theft of assets or potential losses for […]
YieldNest – Inflating vault’s share rate via reentrancy This attack results in the theft of assets alongside an inflated share value Vulnerability Details The withdrawal process from the Max Vault works in […]
YieldNest – Invalid amounts of asset returned by strategies This issue prevents the successful withdrawal of assets based on the values returned by the ERC4626 functions and their equivalent versions for different assets. […]
YieldNest – Fee on withdrawal from strategy can lead to protocol’s loss Due to this vulnerability the protocol experiences a loss of assets proportional to the fees charged. Vulnerability Details The Max Vaults allocate assets to […]
