CVE/GHSA advisory issued against protocol

Sushi (SushiSwap) — v2 + v3 + Trident + BentoBox/Kashi + SushiXSwap's assessment for RD-F-178 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No CVE or GHSA formally issued against SushiSwap's deployed contracts found. RouteProcessor2 and Kashi vulnerabilities were disclosed via post-mortems and third-party analyses (rekt.news, BlockSec, Hacken) but did not result in a formal CVE or GHSA entry in the GitHub Advisory Database. Absence of a formal adverse advisory is green for this factor.

Sources #

URL
GitHub Advisory Database — searched for SushiSwap entriesGitHub Advisory Database — no SushiSwap CVE/GHSA foundretrieved 2026-05-17

Methodology #

Determine whether a CVE, GHSA, or equivalent public advisory has been issued against this protocol or its code.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol sushi factor RD-F-178 score green collected_at 2026-05-16 19:50:37