All chains running CometBFT should look into this unpatched 0-day vulnerability instead of relying on Cosmos
Some non-Cosmos chains I know of that use CometBFT: BNB Chain, Polygon (POS), Sei, Thorchain, etc
This vulnerability can potentially lead to nodes getting DDoSed, or worse the chain halting if validators start going offline
BNB AI BNB تاریخچه قیمت USD
تجارت BNB در سه مرحله
یک حساب کاربری رایگان ایجاد کنید، حساب خود را شارژ کنید، افزودن سپس ارز دیجیتال خود را انتخاب کنیدکسب درآمد حتی بدون دانش مالی
Put your idle crypto to work and earn passive income through savings, staking, and more.BNB AI X Insight
I’m disclosing a 0-day vulnerability in the Cosmos consensus layer (CometBFT).
This is a CVSS 7.1 (High) severity issue that can cause nodes in the Cosmos ecosystem—which secures over $8B+ in assets—to stall during the block synchronization phase. However, direct asset theft is not possible using this vulnerability.
I made every effort to follow Coordinated Vulnerability Disclosure (CVD) for the safety of the ecosystem; however, due to the vendor’s lack of cooperation and irresponsible decisions, I have decided to proceed with disclosure.
This action is taken in accordance with the vendor’s final decision. All resulting security risks are solely the responsibility of the vendor, and I will therefore disclose both the vendor’s irresponsible handling and the detailed vulnerability information in this thread.
Crypto Bridge hacks in the past 5 years:
- Poly Network, $611m
- Ronin, $624m
- Wormhole, $326m
- Nomad, $190m
- BNB Bridge, $586m
And yet, after this and 2 weeks after the Drift hack, the KelpDAO team were still happy using a SINGLE verifier system?
Clown show.
Exchange Tokens Across Major CEXs
1. @Binance - $BNB
2. @MEXC - $MX
3. @Kucoincom - $KCS
4. @Gate - $GT
5. @Bybit_Official - $MNT
6. @Cryptocom - $CRO
7. @OKX - $OKB
8. @Bitget - $BGB
9. @HTX_Global - $HT
Do you hold any of these?
For the full breakdown and deeper insights into spot CEX trading, check out our latest report 👇
https://t.co/drMflsYrLr
