{"id":18012,"date":"2026-03-06T19:52:39","date_gmt":"2026-03-06T19:52:39","guid":{"rendered":"https:\/\/cryptoted.net\/index.php\/2026\/03\/06\/secured-2-public-vulnerability-disclosures\/"},"modified":"2026-03-06T19:52:39","modified_gmt":"2026-03-06T19:52:39","slug":"secured-2-public-vulnerability-disclosures","status":"publish","type":"post","link":"https:\/\/cryptoted.net\/index.php\/2026\/03\/06\/secured-2-public-vulnerability-disclosures\/","title":{"rendered":"Secured #2: Public Vulnerability Disclosures"},"content":{"rendered":"<p> <br \/>\n<br \/><img decoding=\"async\" src=\"https:\/\/blog.ethereum.org\/images\/posts\/upload_630d77544672a1e0df792c0d71489bd6.jpg\" \/><\/p>\n<div id=\"\">\n<p class=\"chakra-text css-gi02ar\">Today, we disclosed the first set of vulnerabilities from the Ethereum Foundation&#8217;s Bug Bounty Programs. These vulnerabilities were previously discovered and reported directly to the Ethereum Foundation or client teams via the Bug Bounty Programs for both the <a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-vezwxf\" href=\"https:\/\/bounty.ethereum.org\">Execution Layer<\/a> and <a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-vezwxf\" href=\"https:\/\/eth2bounty.ethereum.org\">Consensus Layer<\/a>.<\/p>\n<p class=\"chakra-text css-gi02ar\">Through its Bug Bounty Programs, which allow the Ethereum Foundation (EF) to coordinate and cross-check vulnerabilities across clients, the EF currently accepts vulnerability reports for Nimbus, Teku, Lighthouse, Prysm, Lodestar, Go Ethereum, Nethermind, Erigon and Besu.<\/p>\n<h2 class=\"chakra-heading group css-1kpzc4q\" id=\"new-repository--vulnerability-list\" data-group=\"true\"><a class=\"chakra-link css-128fqrf\" aria-label=\"new repository  vulnerability list permalink\" href=\"#new-repository--vulnerability-list\"><svg viewbox=\"0 0 24 24\" focusable=\"false\" class=\"chakra-icon css-173jpr1\"><g fill=\"currentColor\"><path d=\"M10.458,18.374,7.721,21.11a2.853,2.853,0,0,1-3.942,0l-.892-.891a2.787,2.787,0,0,1,0-3.941l5.8-5.8a2.789,2.789,0,0,1,3.942,0l.893.892A1,1,0,0,0,14.94,9.952l-.893-.892a4.791,4.791,0,0,0-6.771,0l-5.8,5.8a4.787,4.787,0,0,0,0,6.77l.892.891a4.785,4.785,0,0,0,6.771,0l2.736-2.735a1,1,0,1,0-1.414-1.415Z\"\/><path d=\"M22.526,2.363l-.892-.892a4.8,4.8,0,0,0-6.77,0l-2.905,2.9a1,1,0,0,0,1.414,1.414l2.9-2.9a2.79,2.79,0,0,1,3.941,0l.893.893a2.786,2.786,0,0,1,0,3.942l-5.8,5.8a2.769,2.769,0,0,1-1.971.817h0a2.766,2.766,0,0,1-1.969-.816,1,1,0,1,0-1.415,1.412,4.751,4.751,0,0,0,3.384,1.4h0a4.752,4.752,0,0,0,3.385-1.4l5.8-5.8a4.786,4.786,0,0,0,0-6.771Z\"\/><\/g><\/svg><\/a>New repository &amp; vulnerability list<\/h2>\n<p class=\"chakra-text css-gi02ar\">The full list of vulnerabilities, along with additional information, can be found <a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-vezwxf\" href=\"https:\/\/github.com\/ethereum\/public-disclosures\/\">in a git repository here<\/a>.<\/p>\n<p class=\"chakra-text css-gi02ar\"><strong>The new <a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-vezwxf\" href=\"https:\/\/github.com\/ethereum\/public-disclosures\/\">disclosures repository<\/a><\/strong> catalogues all known vulnerabilities that were patched prior to the latest hardforks on the Execution Layer and Consensus Layer.<\/p>\n<p class=\"chakra-text css-gi02ar\">We would like to give a massive <strong><em class=\"chakra-text css-0\">shout out<\/em><\/strong> to everyone involved in the discovery and reporting of vulnerabilities, as well as to the teams responsible for fixing them. While we have attempted to include the names or aliases of the reporters, there are many developers and researchers within the client teams and in the Ethereum Foundation who found and corrected vulnerabilities outside of the bounty program. There are also many unsung heroes such as client team developers, community members, and many more who have spent countless hours triaging, cross-checking, and mitigating vulnerabilities before they could be exploited.<\/p>\n<p class=\"chakra-text css-gi02ar\">For more information, and to learn more about disclosure policies, timelines, and cataloging, head over to the new <a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-vezwxf\" href=\"https:\/\/github.com\/ethereum\/public-disclosures\/\">disclosures repository<\/a>.<\/p>\n<p class=\"chakra-text css-gi02ar\">Your immense efforts have been instrumental to ensuring Ethereum&#8217;s security. <strong><em class=\"chakra-text css-0\">Thank you!<\/em><\/strong><\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/blog.ethereum.org\/en\/2022\/03\/09\/secured-no-2\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Today, we disclosed the first set of vulnerabilities from the Ethereum Foundation&#8217;s Bug Bounty Programs. These vulnerabilities were previously discovered and reported directly to the Ethereum Foundation or client teams via the Bug Bounty Programs for both the Execution Layer and Consensus Layer. Through its Bug Bounty Programs, which allow the Ethereum Foundation (EF) to [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":17825,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[24],"tags":[],"kronos_expire_date":[],"class_list":["post-18012","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ethereum"],"_links":{"self":[{"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/posts\/18012","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/comments?post=18012"}],"version-history":[{"count":0,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/posts\/18012\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/media\/17825"}],"wp:attachment":[{"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/media?parent=18012"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/categories?post=18012"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/tags?post=18012"},{"taxonomy":"kronos_expire_date","embeddable":true,"href":"https:\/\/cryptoted.net\/index.php\/wp-json\/wp\/v2\/kronos_expire_date?post=18012"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}