Rewards Hub HypurrFi, the native non-custodial lending protocol of HyperEVM, has identified a "rounding error" vulnerability in versions of Aave V3 prior to 3.5. This flaw could potentially allow attackers to exploit supply/withdraw and borrow/repay cycles to extract underlying tokens. The vulnerability affects the XAUT0 and UBTC markets within HypurrFi Pooled.
In response, HypurrFi has paused new deposits and borrowing in these markets, although withdrawals and repayments remain operational. The protocol assures users that funds are not currently at risk. The issue was detected through HypurrFi's internal monitoring system, and the team is working with Aave deployers and security researchers to address the problem. Other Aave fork projects are encouraged to contact HypurrFi for further security insights.
HypurrFi Identifies Rounding Error Vulnerability in Aave V3, Pauses Markets
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.