Common fork bugs

Compound

Compound: price manipulation of DAI on Coinbase impacted Coinbase oracle price Postmortem
CREAM: flashloan attack & reentrancy with ERC777-like token (no checks-effects-interaction protection) Postmortem POC
CREAM: Price manipulation Postmortem POC
Lendf.me: Flashloan and reentrancy (no checks-effects-interaction protection) Postmortem
Compound: Double-entry point token issue Retrospective POC
Lodestar Finance: Exchange rate manipulation Thread POC
Hundred Finance: Flashloan and reentrancy on gnosis, where native token has callback hook (no checks-effects-interaction protection) Postmortem
Ola Finance: Flashloan and reentrancy (no checks-effects-interaction protection) Postmortem
Rari Capital: Flashloan and reentrancy (no checks-effects-interaction protection) POC
Venus: Chainlink LUNA oracle became inaccurate during the Terra collapse, which cause a similar result as oracle manipulation and led to draining of protocols writeup
Hundred Finance: Exploit of empty markets Postmortem POC
0VIX: price oracle vulnerability allowed donation-based price maniulation Thread POC
Midas Capital: Exploit of empty markets writeup
Onyx Finance: Exploit of empty markets Postmortem POC
Sonne Finance: Exploit of empty markets Postmortem

Aave V2: risk of price manipulation can lead to accumulating bad debt Governance proposed mitigation writeup
Blizz Finance: Chainlink LUNA oracle became inaccurate during the Terra collapse, which had a similar result as oracle manipulation and led to draining of protocols writeup
Agave Finance: Flashloan and reentrancy on gnosis, where native token has callback hook (no checks-effects-interaction protection) Postmortem
HopeLend: Empty market issue (same as the issue in Compound Finance) combined with rounding error writeup
Radiant Finance: Empty market issue (same as the issue in Compound Finance) combined with rounding error writeup

Name		Name	Last commit message	Last commit date
Latest commit History 14 Commits
README.md		README.md