https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/4c1e890a-9d06-4e93-8a82-69444567676b.jpg

mahmud

Security Researcher

Blockchain security researcher

Contact Me

High

Total

Medium

Total

$2.32K

Total Earnings

#973 All Time

7x

Payouts

1x

2nd Places

2x

Top 10

3x

Top 25

All

Sherlock

Code4rena

Cantina

Jan '25

Aave v3.3

672.54 USDC • Sherlock • mahmud

#34

Aug '24

Winnables Raffles

0.76 USDC • 1 total finding • Sherlock • mahmud

#38

medium

Inability to Revoke Roles Leading to Permanent Privilege Escalation Risk

May '24

Munchables

0.02 USDC • 2 total findings • Code4rena • Mahmud

#15

high

Invalid validation allows users to unlock early

medium

Missing disapproval check in `LockManager.sol::approveUSDPrice` allows simultaneous approval and disapproval of a price proposal

safe-extensions

87.5 USDC • 1 total finding • Cantina • Mahmud

#26

medium

Finding not yet public.

Apr '24

DYAD

7.54 USDC • 2 total findings • Code4rena • Mahmud

#99

high

Unable to withdraw Kerosene from `vaultmanagerv2::withdraw` as it expects a `vault.oracle()` method which is missing in Kerosene vaults

medium

Incorrect deployment / missing contract will break functionality

Mar '24

vVv Vesting & Staking

495.33 USDC • Sherlock • mahmud

Feb '24

Jala Swap

1,055.07 USDC • 2 total findings • Sherlock • mahmud

medium

DOS in JalaPair contract in critical functions like mint, burn and swap due to overflow.

medium

Less Amount of Wrapped token is sent to the `JalaRouter02` than should be when calling `swapExactTokensForETH` in the `JalaMasterRouter`.