CVE/GHSA advisory issued against protocol

Aave v3's assessment for RD-F-178 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No CVE (Common Vulnerabilities and Exposures) or GHSA (GitHub Security Advisory) formally filed for any Aave vulnerability. The stable rate vulnerability (Nov 2023) would have qualified for a GHSA. Aave discloses via governance forum posts, not CVE/GHSA registries. Yellow: no formal public advisory filings. Consistent with T-10 finding.

Sources #

Governance
Aave v2/v3 Security Incident (November 4, 2023)Stable rate security incident Nov 2023retrieved 2026-04-27

Methodology #

Determine whether a CVE, GHSA, or equivalent public advisory has been issued against this protocol or its code.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol aave-v3 factor RD-F-178 score yellow collected_at 2026-04-27 23:28:46