Prior known-ignored disclosure
Babylon Protocol's assessment for RD-F-177 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
No prior exploits in the record; no case of a disclosure being received and ignored before exploitation. All known disclosures were actioned: OZ 2026 (4 vulnerabilities, all patched); GHSA-2fcv-qww3-9v6h (patched v4.1.0); GHSA-m6wq-66p2-c8pc (patched v4.2.0); GHSA-xq4h-wqm2-668w (patched v4.1.0). OZ explicitly states Babylon Labs responded promptly.
Sources #
- GitHubGHSA-2fcv-qww3-9v6h Babylon Security AdvisoryGHSA-2fcv-qww3-9v6h — patched in v4.1.0 (Nov 2025)retrieved 2026-05-04
- Babylon PR #1911 — fix: checkpointing handle mismatch type of injected txPR #1911 merged 2026-01-05 — type assertion fix (OZ finding 4)retrieved 2026-05-04
- OpenZeppelin Security Research on BabylonOZ research — confirms all 4 vulnerabilities reported and fixed; 'Babylon Labs triaged reports quickly, communicated clearly, and shipped fixes promptly'retrieved 2026-05-04
Methodology #
Determine whether evidence exists in prior-incident post-mortems that a disclosed vulnerability was reported to the team and not actioned before exploit.
See the full factor methodology and distribution across all protocols →
rubric_version v1.7.0 protocol babylon-protocol factor RD-F-177 score green collected_at 2026-05-04 19:43:27