defirisk.co
rubric v1.7.0

CVE/GHSA advisory issued against protocol

Balancer (v2 + v3)'s assessment for RD-F-178 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No CVE/NVD entry found for Balancer protocol in searches. GHSA advisory status in the balancer-v2-monorepo or balancer-v3-monorepo GitHub Security tab not directly verified (no GHSA API access in this session). The November 2025 exploit generated extensive third-party analyses (Trail of Bits, Certora, Check Point Research, BlockSec, Halborn) but these are blog posts, not formal CVE/GHSA advisories. No specific CVE ID surfaced. Score: yellow (existence of GHSA advisory cannot be confirmed or excluded without direct GHSA search; code-security-analyst should verify).

Sources #

  • GitHub
    https://github.com/balancer/balancer-v2-monoreporetrieved 2026-05-05

Methodology #

Determine whether a CVE, GHSA, or equivalent public advisory has been issued against this protocol or its code.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol balancer factor RD-F-178 score yellow collected_at 2026-05-05 12:41:36