CVE-2026-59694
CVE-2026-59694 affects ZenHive mpp (Elixir library) when configured as the fee payer. The issue occurs in MPP.Tempo.Transaction.cosign_fee_payer/3, which re-signs client-supplied base fields of the 0x76 AASigned envelope verbatim, including the EIP-2930 access list, without validating length or c...