CVE-2026-28410

The Graph (pre-3.0.0) had a flaw in token vesting contracts that could allow users to access tokens still locked by the vesting schedule. The issue is resolved in version 3.0.0. The CVSS metrics indicate NETWORK access with low complexity and no user interaction, resulting in a medium base score....