https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/87431a17-9bc5-4ee0-952d-866721733a0e.jpg

Vesko210

Security Researcher

Finding bugs If you're interested in an audit, reach out

Contact Me

High

7

Total

Medium

21

Total

$3.63K

Total Earnings

#1213 All Time

15x

Payouts

bronze

1x

3rd Places

regular

6x

Top 10

regular

11x

Top 25

All

Sherlock

Code4rena

Cantina

CodeHawks

Dec '25

Monolith Stablecoin Factory

Monolith Stablecoin Factory

1,691.10 USDC • 2 total findings • Sherlock • Valves

bronze

high

Borrower can extract unbacked Coin at the expense of the protocol

medium

A single borrower being written off will create unbacked stablecoins for all users

Nov '25

stNXM by EaseDeFi

stNXM by EaseDeFi

4.51 USDC • 4 total findings • Sherlock • Vesko210

#36

medium

Missing slippage protection in Uniswap V3 liquidity operations

medium

Oracle `sanePrice` does not guard from manipulations after time has passed

medium

Missing tranche update in `extendDeposit` causes loss of stake tracking and rewards

medium

Duplicate tranche tracking

Megapot

Megapot

0.13 USDC • 2 total findings • Code4rena • vesko210

#25

medium

Global Variable Manipulation During Active Draw Alters End Result

medium

Incorrect ticket price reference in JackpotBridgeManager causes user overpayment after price updates

Oct '25

Avon-Contracts

Avon-Contracts

524.22 USDC • 5 total findings • Cantina • Valves

#6

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

Sep '25

Summer.fi - governance v2

Summer.fi - governance v2

9.82 USDC • 1 total finding • Sherlock • Vesko210

#8

medium

Small stakers can be unable to claim rewards due to an attack

Aug '25

USG - Tangent

USG - Tangent

6.43 USDC • 1 total finding • Sherlock • Vesko210

#62

medium

Frontrunning `processRewards` allows attacker to capture unintended rewards

Morpheus

Morpheus

6.61 USDC • 1 total finding • Code4rena • vesko210

#10

medium

Same heartbeat for multiple price feeds is vulnerable

Jul '25

pike-tapio-monrepo

pike-tapio-monrepo

130.34 USDC • 2 total findings • Cantina • vesko210

#18

medium

Finding not yet public.

medium

Finding not yet public.

succinct-network

succinct-network

249.3 USDC • 2 total findings • Cantina • vesko210

#27

medium

Finding not yet public.

medium

Finding not yet public.

May '25

ammalgam-contracts

ammalgam-contracts

114.56 USDC • 1 total finding • Cantina • vesko210

#18

high

Finding not yet public.

Audit 507

Audit 507

183.07 USDC • Code4rena • vesko210

#17

Apr '25

mighty-contracts

mighty-contracts

491.1 USDC • 4 total findings • Cantina • vesko210

#15

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

Feb '25

TermMax

TermMax

211.47 USDC • Cantina • vesko210

#9

Core Contracts

Core Contracts

3.03 usdc • 4 total findings • CodeHawks • vesko2100

#321

high

Multiple Delegation by Double Spending Boosts and Lack of Delegation Tracking in BoostController Contract

medium

Flawed Boost Multiplier Calculation Always Yields Maximum Boost

low

Lack of enforcement of the `MAX_TOTAL_LOCKED_AMOUNT`

low

Overwriting Previous Allocations in allocateFunds May Lead to Loss of Cumulative Allocation Data

Dec '24

Flex Perpetuals

Flex Perpetuals

0.93 USDC • 1 total finding • Code4rena • vesko210

#6

medium

Missing slippage protection in `AerodromeDexter.sol` `swapExactTokensForTokens()`