Prior known-ignored disclosure

Centrifuge's assessment for RD-F-177 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

False — no evidence found of any disclosure that was known to the team and not actioned before an exploit. No prior exploits occurred (RD-F-077 = 0). Cantina 2024 critical router finding was discovered during an audit, was not exploited, and was fixed before deployment. GitHub security repo shows 3 open issues (2019 DMARC/SPF findings) — none appear to be pre-exploit ignored vulnerability disclosures.

Sources #

GitHub
https://github.com/centrifuge/security/issuesretrieved 2026-04-27
URL
https://cantina.xyz/blog/router-flawretrieved 2026-04-27

Methodology #

Determine whether evidence exists in prior-incident post-mortems that a disclosed vulnerability was reported to the team and not actioned before exploit.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol centrifuge factor RD-F-177 score green collected_at 2026-04-30 21:19:10