I've identified a security vulnerability in StakingBrain that affects the Validator Keymanager API connection. The issue could allow unauthorized access to validator configuration under certain conditions.
I'd like to report this privately rather than in a public issue. Could you please:
- Enable GitHub Private Vulnerability Reporting on this repository, or
- Provide a security contact email where I can send the full report
The full technical report with details, CVSS scoring, and remediation is ready to send.
Thank you.
(No technical details are included here intentionally — I will share everything through a private channel.)