Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Curve Finance

Curve Finance Vendor Cyber Rating & Cyber Score

curve.finance


Curve Finance A.I CyberSecurity Scoring

Curve Finance
Company Information
Website:https://curve.finance/
Employees number:4
Number of followers:0
NAICS:513
Industry Type:Technology, Information and Internet
Homepage:curve.finance
Curve Finance Risk Score (AI oriented)
Between 750 and 799
logo
Curve FinanceTechnology, Information and Internet
Updated:
13/03/2026
775/1000
Fair
Baa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Curve Finance Global Score (TPRM)
xxxx
logo
Curve FinanceTechnology, Information and Internet
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Curve Finance
Curve FinanceFair
Current Score
775Baa (FAIR)
01000
1 incidents
-34 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
777Before Incident
JUNE 2026
777Before Incident
MAY 2026
776Before Incident
APRIL 2026
776Before Incident
MARCH 2026
775Before Incident
FEBRUARY 2026
808Before Incident
Cyber Attack
31 Jan 2026Curve Finance
CrossCurve and Curve Finance: CrossCurve Bridge Hacked for $3M After Smart Contract Validation Vulnerability Exploited

CrossCurve Bridge Exploit Drains $3 Million in Multi-Chain Cyberattack

774After Incident
CRITICAL-34
CURCRO1770021757
CrossCurve Bridge Exploit Drains $3 Million in Multi-Chain Cyberattack CrossCurve, a cross-chain decentralized exchange and liquidity protocol formerly known as EYWA, suffered a major cyberattack on January 31 after attackers exploited a smart contract vulnerability, draining approximately $3 million across multiple blockchain networks. The CrossCurve team confirmed the incident on Sunday, urging users to halt all interactions with the protocol while investigations continued. The attack stemmed from a flaw in the ReceiverAxelar contract, which lacked a critical validation check, allowing threat actors to bypass gateway security using spoofed cross-chain messages. By calling the expressExecute function with forged data, attackers triggered unauthorized token unlocks via the PortalV2 contract, siphoning funds without proper authorization. Blockchain security firm Defimon Alerts identified the root cause, while Arkham Intelligence data revealed the PortalV2 contract’s balance plummeted from $3 million to near zero during the exploit. The attack spanned multiple chains, underscoring the risks of cross-chain messaging systems. CrossCurve, developed in partnership with Curve Finance, had marketed its "Consensus Bridge" which routes transactions through Axelar, LayerZero, and the EYWA Oracle Network as a security advantage, claiming the redundancy minimized failure risks. However, the breach demonstrated that a single vulnerable smart contract could compromise the entire system, regardless of layered validation. The protocol has significant backing in DeFi, including a $7 million venture capital raise and an investment from Curve Finance founder Michael Egorov in September 2023. Following the exploit, Curve Finance advised users with exposure to EYWA-related pools to review their positions. Security researchers noted parallels to the 2022 Nomad bridge hack, where a flawed validation mechanism led to a $190 million exploit, later replicated by copycat attackers. The CrossCurve incident reignites concerns over bridge security in decentralized finance.
INCIDENT DETAILS -
TYPE
Smart Contract Exploit
MOTIVATION
Financial gain
IMPACT
Financial Loss: $3 millionSystems Affected: Cross-chain decentralized exchange and liquidity protocolOperational Impact: Users urged to halt all interactions with the protocolBrand Reputation Impact: Significant
JANUARY 2026
808Before Incident
DECEMBER 2025
808Before Incident
NOVEMBER 2025
808Before Incident
OCTOBER 2025
808Before Incident
SEPTEMBER 2025
808Before Incident
AUGUST 2025
808Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Curve Finance ?
?
What was Curve Finance's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Curve Finance's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Curve Finance's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Curve Finance's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Curve Finance's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Curve Finance's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Curve Finance's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Curve Finance's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Curve Finance's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Curve Finance's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Curve Finance's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Curve Finance's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Curve Finance ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Curve Finance's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?