2 matches found
GHSA-WWX5-GPGR-VXR7 ismp-grandpa crate accepted incorrect signatures
A critical vulnerability was discovered in the ismp-grandpa crate, that allowed a malicious prover easily convince the verifier of the finality of arbitrary headers. Description The vulnerability manifests as a verifer that only accepts incorrect signatures of Grandpa precommits and was introduce...
CVE-2025-24800
The CVE-2025-24800 vulnerability affects the ismp-grandpa crate used by Hyperbridge. A flaw in Grandpa signature verification could cause a malicious prover to convince the verifier of the finality of arbitrary headers, potentially enabling fund theft or compromise of cross-chain applications. Th...