The 0x project disclosed a potential exploit in its Exchange contract that was discovered by 3rd party security researcher Sam Sun. The Exchange contract contains most of the business logic within the 0x protocol, including filling and cancelling orders, executing transactions, validating signatures and registering new contracts in the system.
According to CEO and co-founder of 0x Will Warren in a note to , "This vulnerability would allow an attacker to fill certain orders with invalid signatures. This vulnerability does not effect the ZRX token contract; your digital assets are safe." However, as a precaution, 0x shut down the Exchange contract and Asset Proxy contracts responsible for performing asset transfers on the 0x protocol.