solana
Sealevel · bump seed canonicalization
sealevel-bump-seed
The program accepts an arbitrary bump seed parameter from the caller without validation, allowing an attacker to derive and update arbitrary PDAs that were not intended to be mutable. This violates the security principle of bump seed canonicalization.
1 finding
high · Missing Bump Seed Canonicalization
category: pda-bump · component: lib.rs::set_value
Exploit-relevant detail is embargoed under responsible disclosure. The maintainers have been notified. Full description and fix auto-publish on 6/23/2026.