CVE-2026-34209 mppx: Tempo has a session close voucher bypass vulnerability due to settled amount equality

mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the tempo/session cooperative close handler validated the close voucher amount using "" instead of "=" against the on-chain settled amount. An attacker could submit a close voucher exactly equal to the settled...