Home
News
Details

Security firm Innora discloses two critical vulnerabilities in Saturn, affecting $35 million in funds.

iconKuCoinFlash
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
This is the logo of the coin.
ETH
$2,280.76-2.77%
AI summary iconSummary

expand icon
On April 14, 2026, security firm Innora disclosed two critical vulnerabilities in the Ethereum-based lending protocol Saturn, exposing $35 million in funds. The first vulnerability could freeze withdrawals for 30 days or longer, while the second allows privileged addresses to legally withdraw up to 33.33% per operation. A single exploit could siphon $157,000, with a total potential risk of $4.26 million. Innora noted that over 90% of Saturn’s assets are held off-chain, raising concerns under MiCA and CFT frameworks. The vulnerabilities remain unpatched.

BlockBeats report: On April 14, security firm Innora released a report stating that the Ethereum-based yield protocol Saturn has two critical vulnerabilities, including:


· Withdrawal freeze vulnerability: Under normal business operations, all user funds could be locked, with a minimum freeze period of 30 days—or indefinitely in extreme cases. No hacker is required; the protocol can trigger this on its own.


The privileged address in the protocol can legally withhold up to 33.33% of funds per operation. Based on current data, this amounts to a maximum of approximately $157,000 per transaction, with a theoretical total risk of up to $4.26 million.


Innora stated that over 90% of Saturn's assets are managed off-chain by a privileged address, leaving users entirely dependent on trust. As of the report's publication, this vulnerability remains unpatched.

Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.