Moonwell lending protocol suffers $1.78 million loss after second oracle misconfiguration in four months

February 15, 2026

Moonwell lending protocol suffers $1.78 million loss after second oracle misconfiguration in four months

After an oracle misconfiguration, the Moonwell defi lending protocol accumulated $1.78 million in bad debt. When the protocol showed that cbETH was priced at just over a dollar, rather than its actual market price of around $2,200, bots and humans alike rushed to take advantage of the mispricing. The error cascaded into liquidations across the platform.

This is the second time Moonwell has suffered a loss thanks to an oracle misconfiguration. In November 2025, the platform was left with almost $3.7 million in bad debt after a different asset was mispriced.

Although the vulnerable pull requests were at least partially developed by an AI tool, the security auditor who initially attributed the vulnerability to Claude Opus 4.6 later softened his criticism, noting that even senior developers could have made the same mistake. He did, however, criticize the project for a lack of sufficiently rigorous testing that should have caught the issue.

"Moonwell hit by $1.78M exploit as AI vibe coding debate reaches DeFi", CoinTelegraph [archive]
DeFi lending protocol Moonwell hit with $1.8 million bad debt after oracle misconfiguration, The Block