Upstream vulnerability disclosure (last 90d)

Lista DAO's assessment for RD-F-128 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No public MakerDAO/DAI CDP vulnerability disclosure in the last 90 days identified. MakerDAO active development focuses on Sky/Endgame rebranding; no CDP core vat/jug security advisories found in the 90-day window (Feb–May 2026).

Sources #

GitHub
MakerDAO DSS Security AdvisoriesMakerDAO dss GitHub — no recent security advisories on main CDP contracts in 90-day windowretrieved 2026-05-12

Methodology #

Determine whether the upstream has a public vulnerability disclosure in the last 90 days that affects this fork's deployed code.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol lista-dao factor RD-F-128 score green collected_at 2026-05-12 17:54:05