The KashiPairMediumRiskV1 contract of SushiSwap has a logical vulnerability, and the official team has taken remedial measures

ChainCatcher news, according to BlockSec analysis, SushiSwap's KashiPairMediumRiskV1 contract suffered two attacks due to a logical vulnerability, resulting in incorrect token price calculations and asset losses. The Sushi team promptly took action to "protect some valuable but vulnerable liquidity pools from attacks" and "provide a program to compensate users who lost funds due to the vulnerability."

BlockSec warns that dozens of liquidity pools built on Ethereum and BNB Chain may be affected by this vulnerability, and a temporary solution to the issue is to occasionally or regularly call the UpdateExchangeRate function to reduce or eliminate the deviation. (source link)