TechFlow News, according to BlockSec analysis, SushiSwap's KashiPairMediumRiskV1 contract suffered two attacks due to a logic vulnerability, causing incorrect token price calculations and resulting in asset losses. The Sushi team promptly took action to "protect certain valuable but vulnerable pools from further attacks" and "provide programs to compensate users who lost funds due to the vulnerability."
BlockSec warned that dozens of pools built on Ethereum and BNB Chain may be affected by this vulnerability. A temporary solution is to periodically or occasionally call the UpdateExchangeRate function to reduce or eliminate the pricing deviation.Source




