Lido: CSM related vulnerabilities have been fixed, and the vulnerabilities were not exploited

ChainCatcher message, Lido has released a security disclosure on platform X: vulnerabilities related to Lido CSM and the permissionless validator contract used for validating validator withdrawals have been reported and fixed.

The vulnerability was not exploited, and no CSM node operators were affected. stETH holders were also unaffected. As part of the fix, a vulnerability mitigation was implemented through an oracle solution (disabling the bond destruction feature) and DAO proposal 190 was voted on.

Lido has paid a bounty to the white hat hacker who disclosed the issue through the Lido×Immunefi project.