PT-2025-5577

Name of the Vulnerable Software and Affected Versions Hyperbridge versions prior to 15.0.1 Description A critical issue was discovered in the ismp-grandpa crate, allowing a malicious prover to easily convince the verifier of the finality of arbitrary headers. This could be used to steal funds or...

Potential stack use-after-free in `Instrumented::into_inner`

The implementation of the Instrumented::intoinner method in affected versions of this crate contains undefined behavior due to incorrect use of std::mem::forget The function creates const pointers to self, calls mem::forgetselfstd::mem::forget, and then moves values out of those pointers using...