Shared-library version with known-vuln status

Euler V2's assessment for RD-F-135 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

OZ contracts pinned to v5.0.2 (commit e682c7e5). Known high/critical OZ advisories affect versions <4.3.2 or <4.7.3 — all below 5.0.2. Snyk reports v5.6.0+ shows 0 vulnerabilities; v5.0.2 is between 4.7.3 and 5.6.0, above all patched advisory thresholds. No active high/critical GHSA for OZ v5.0.2 found. EVC pinned (euler-xyz own code, separately audited). Permit2 (Uniswap) mature library with no active critical advisories.

Sources #

URL
Snyk OZ Contracts Vulnerability DBSnyk OZ contracts — v5.6.0+ shows 0 vulns; v5.0.2 above all advisory thresholdsretrieved 2026-05-04
GitHub
OZ v5.0.2 Release NotesOZ v5.0.2 release — Base64 fix only, no security advisoryretrieved 2026-05-04

Methodology #

Identify the version of key shared libraries (OZ, Solady, Solmate) used and check against CVE/GHSA databases for any active advisory.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol euler-v2 factor RD-F-135 score green collected_at 2026-05-04 19:56:06