| Severity | Tool | Title | Validated | Confirmed |
|---|---|---|---|---|
| high | detector | Untrusted DELEGATECALL target reachable | no | no |
| high | slither | Comptrollerable.transferFeesToComptroller() (node_modules/@sablier/evm-utils/src/Comptrollerable.sol#62-74) sends eth to arbitrary user | no | — |
| high | slither | Batch.batch(bytes[]) (node_modules/@sablier/evm-utils/src/Batch.sol#13-34) has delegatecall inside a loop in a payable function: (success,result) = address(this).delegatecall(ca... | no | — |
| high | slither | SablierFlowState.aggregateAmount (src/abstracts/SablierFlowState.sol#20) is never initialized. It is used in: | no | — |
| high | slither | SablierFlowState._streams (src/abstracts/SablierFlowState.sol#32) is never initialized. It is used in: | no | — |
| medium | cast | DELEGATECALL present | no | — |
| medium | detector | Untrusted CALL target/value reachable | no | no |
| medium | detector | ETH value transfer possible | no | no |
| Run ID | Status | Validated | Total findings | Created |
|---|---|---|---|---|
| 019be3d6-8451-73ae-9304-bf01aa16f7fb | complete | crit 0 high 0 | 8 | 2 months ago |