CVE/GHSA advisory issued against protocol

Liquity V1 + V2 (LUSD / BOLD)'s assessment for RD-F-178 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No CVE or GHSA advisory has been issued against Liquity. The Sep 2022 Tellor vulnerability was disclosed via the Liquity blog but not assigned a CVE or GHSA number. No GitHub Security Advisory exists in the liquity/dev or liquity/bold repos. The Feb 2025 Stability Pool issue was disclosed via the Liquity blog without formal advisory database assignment. Under the factor definition, no CVE/GHSA = no public advisory issued = favorable (advisory issuance signals a known exploitable vulnerability that has been formally catalogued).

Sources #

URL
V2 Redeployment Updates (reference; no CVE found)Web search for Liquity CVE GHSA advisory — no results found confirming issuanceretrieved 2026-05-16
URL
Tellor Issue and FixLiquity blog Tellor disclosure — no CVE/GHSA number assigned in the write-upretrieved 2026-05-16

Methodology #

Determine whether a CVE, GHSA, or equivalent public advisory has been issued against this protocol or its code.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol liquity factor RD-F-178 score green collected_at 2026-05-16 10:35:50