Shared-library version with known-vuln status

Sanctum's assessment for RD-F-135 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

anchor-lang 0.28.0, solana-program 1.14.20/1.17.6: no active high/critical CVE or GHSA advisory identified. SPL Token canonical programs maintained by Solana Foundation with no active advisory. No known-vuln on any identified shared library.

Sources #

URL
crates.io solana-sdkcrates.io solana-sdk — no security advisory bannerretrieved 2026-05-04

Methodology #

Identify the version of key shared libraries (OZ, Solady, Solmate) used and check against CVE/GHSA databases for any active advisory.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol sanctum factor RD-F-135 score green collected_at 2026-05-04 18:49:23