Shared-library version with known-vuln status

Meteora's assessment for RD-F-135 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Anchor 0.31.0 is a recent stable release and the recommended production version for Solana programs as of 2025-2026. Solana SDK 2.1.0 is current. No known CVE or GHSA advisory against anchor-lang 0.31.0. Bytemuck 1.13.1 and 1.20.0 have no known critical vulnerabilities.

Sources #

GitHub
DAMM v2 Cargo.toml - Library VersionsMeteoraAg/damm-v2 Cargo.toml - anchor-lang 0.31.0, solana-sdk 2.1.0retrieved 2026-05-16
GitHub
DBC Repository - Toolchain RequirementsMeteoraAg/dynamic-bonding-curve README - Anchor 0.31.0, Rust 1.79.0, Solana 2.1.0retrieved 2026-05-16

Methodology #

Identify the version of key shared libraries (OZ, Solady, Solmate) used and check against CVE/GHSA databases for any active advisory.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol meteora factor RD-F-135 score green collected_at 2026-05-16 10:03:05