CoinVoice has recently learned that Lido has published a security disclosure on platform X: vulnerabilities related to Lido CSM and the permissionless validator contract used for validating validator withdrawals have been reported and fixed.

The vulnerability was not exploited, and no CSM node operators were affected. stETH holders were also unaffected. As part of the fix, the vulnerability was addressed through an oracle mitigation solution (disabling the bond destruction feature) and DAO voting proposal 190.

Lido has paid a bug bounty to the white hat hacker who disclosed the issue through the Lido×Immunefi project. [Original link]