CVE-2026-34209
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the tempo/session cooperative close handler validated the close voucher amount using "<" instead of "<=" against the on-chain settled amount. An attacker could submit a close voucher exactly equal to the settled amount, which would be accepted without committing any new funds, effectively closing or griefing the channel for free. This issue has been patched in version 0.4.11.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| wevm | mppx | < 0.4.11 | affected |
Weaknesses
- CWE-294: CWE-294: Authentication Bypass by Capture-replay
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://github.com/wevm/mppx/security/advisories/GHSA-mv9j-8jvg-j8mr
- https://github.com/wevm/mppx/commit/94088246ee18f21b5d6be40d9e7a464f5a280bfb
- https://github.com/wevm/mppx/releases/tag/mppx@0.4.11
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.