PeckShield Inc.(@peckshield ):A victim just lost a Alchemix Yearn yvVault position $yvWETH (estimated $~1m), from an earlier approval to an unverified contract (https://t.co/7FZN41E15u). This unverified contract, created 10 days ago, turns out to be buggy and can be exploited for arbitrary call execution. Here is the vulnerable logic from the decompiled contract, affected in the following exploit tx:

PeckShield Inc.

@peckshield

A blockchain security and data analytics company (telegram:

Joined January 2018

604 Following 81.7K Followers

PeckShield Inc.@peckshield

2026.04.29 01:14

A victim just lost a Alchemix Yearn yvVault position $yvWETH (estimated $~1m), from an earlier approval to an unverified contract ( This unverified contract, created 10 days ago, turns out to be buggy and can be exploited for arbitrary call execution. Here is the vulnerable logic from the decompiled contract, affected in the following exploit tx: