Overview · filecoin-project/curio · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

Database credentials exposed through verbose HTTP error responses in PDP, Market mk12, and Market mk20 handlers
GHSA-gj6x-q8rh-wj6x published Feb 25, 2026 by Reiers

Moderate

Learn more about advisories related to filecoin-project/curio in the GitHub Advisory Database