Does anyone know if the sources are vulnerable too? I compiled mine from the sourceforge repo, but I did not carefully check for blobs. update: I refer to bitcointrader project at SF (which seems to be the official one). I could not find any blob in it. I do not understand enough the code to audit it.