PT-2023-26566 · Hydra · Hydra

Name of the Vulnerable Software and Affected Versions: Hydra versions prior to 0.12.0 Description: Hydra is a layer-two scalability solution for Cardano. The issue arises when the ViaAbort redeemer is used in the commit validator, allowing any user to spend any UTxO arbitrarily, which means an...