Curve Finance A.I CyberSecurity Scoring
Curve Finance
Company Information
Website:https://curve.finance/
Employees number:4
Number of followers:0
NAICS:513
Industry Type:Technology, Information and Internet
Homepage:curve.finance
Curve Finance Risk Score (AI oriented)
Between 750 and 799
Curve FinanceTechnology, Information and Internet
Updated:
13/03/2026
13/03/2026
775/1000
Fair
Baa
Curve Finance Global Score (TPRM)
xxxx
Curve FinanceTechnology, Information and Internet
Score locked

Curve FinanceFair
Current Score
775Baa (FAIR)
01000
1 incidents
-34 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
777
JUNE 2026
777
MAY 2026
776
APRIL 2026
776
MARCH 2026
775
FEBRUARY 2026
808
Cyber Attack
31 Jan 2026 • Curve Finance
CrossCurve and Curve Finance: CrossCurve Bridge Hacked for $3M After Smart Contract Validation Vulnerability Exploited
CrossCurve Bridge Exploit Drains $3 Million in Multi-Chain Cyberattack
774
CRITICAL-34
CURCRO1770021757
CrossCurve Bridge Exploit Drains $3 Million in Multi-Chain Cyberattack
CrossCurve, a cross-chain decentralized exchange and liquidity protocol formerly known as EYWA, suffered a major cyberattack on January 31 after attackers exploited a smart contract vulnerability, draining approximately $3 million across multiple blockchain networks.
The CrossCurve team confirmed the incident on Sunday, urging users to halt all interactions with the protocol while investigations continued. The attack stemmed from a flaw in the ReceiverAxelar contract, which lacked a critical validation check, allowing threat actors to bypass gateway security using spoofed cross-chain messages. By calling the expressExecute function with forged data, attackers triggered unauthorized token unlocks via the PortalV2 contract, siphoning funds without proper authorization.
Blockchain security firm Defimon Alerts identified the root cause, while Arkham Intelligence data revealed the PortalV2 contract’s balance plummeted from $3 million to near zero during the exploit. The attack spanned multiple chains, underscoring the risks of cross-chain messaging systems.
CrossCurve, developed in partnership with Curve Finance, had marketed its "Consensus Bridge" which routes transactions through Axelar, LayerZero, and the EYWA Oracle Network as a security advantage, claiming the redundancy minimized failure risks. However, the breach demonstrated that a single vulnerable smart contract could compromise the entire system, regardless of layered validation.
The protocol has significant backing in DeFi, including a $7 million venture capital raise and an investment from Curve Finance founder Michael Egorov in September 2023. Following the exploit, Curve Finance advised users with exposure to EYWA-related pools to review their positions.
Security researchers noted parallels to the 2022 Nomad bridge hack, where a flawed validation mechanism led to a $190 million exploit, later replicated by copycat attackers. The CrossCurve incident reignites concerns over bridge security in decentralized finance.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
REFERENCES
JANUARY 2026
808
DECEMBER 2025
808
NOVEMBER 2025
808
OCTOBER 2025
808
SEPTEMBER 2025
808
AUGUST 2025
808
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Curve Finance ??
What was Curve Finance's A.I Rankiteo Cyber Score in June 2026 ??
What was Curve Finance's A.I Rankiteo Cyber Score in May 2026 ??
What was Curve Finance's A.I Rankiteo Cyber Score in April 2026 ??
What was Curve Finance's A.I Rankiteo Cyber Score in March 2026 ??
What was Curve Finance's A.I Rankiteo Cyber Score in February 2026 ??
What was Curve Finance's A.I Rankiteo Cyber Score in January 2026 ??
What was Curve Finance's A.I Rankiteo Cyber Score in December 2025 ??
What was Curve Finance's A.I Rankiteo Cyber Score in November 2025 ??
What was Curve Finance's A.I Rankiteo Cyber Score in October 2025 ??
What was Curve Finance's A.I Rankiteo Cyber Score in September 2025 ??
What was Curve Finance's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Curve Finance's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Curve Finance ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Curve Finance's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?