Unknown · Ismp-Grandpa · CVE-2025-24800
**Name of the Vulnerable Software and Affected Versions**
Hyperbridge versions prior to 15.0.1
**Description**
Hyperbridge is a hyper-scalable coprocessor for verifiable, cross-chain interoperability. A critical issue in the `ismp-grandpa` crate allows a malicious prover to convince the verifier of the finality of arbitrary headers, which could lead to the theft of funds or the compromise of cross-chain applications. The cause is that the verifier accepts only invalid signatures on Grandpa precommits. Specifically, the `handleConsensus()` function calls `IConsensus(host.consensusClient()).verifyConsensus()`, where a negation is missing from a conditional statement, so the system rejects valid signatures and accepts invalid ones.
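The inverted-check pattern described above, shown beside its corrected form with a regression check that catches it. This is an added example, not Hyperbridge or `ismp-grandpa` code: `Precommit`, `toy_sign`, `toy_verify`, `check_inverted`, `check_fixed` and `passes_paired_test` are hypothetical names, and the toy signature is a constructed stand-in for real signature verification.

```rust
// Added illustration; every name here is hypothetical, not the ismp-grandpa API.
// toy_sign/toy_verify are a constructed stand-in for signature checks, not cryptography.
#[derive(Clone)]
pub struct Precommit { pub target: u64, pub signer: u8, pub signature: u64 }

pub fn toy_sign(key: u64, target: u64, signer: u8) -> u64 {
    (key ^ target).rotate_left(13).wrapping_mul(0x9E37_79B9_7F4A_7C15) ^ signer as u64
}
pub fn toy_verify(key: u64, p: &Precommit) -> bool {
    toy_sign(key, p.target, p.signer) == p.signature
}

pub type Check = fn(u64, &[Precommit]) -> Result<(), &'static str>;

// Bug pattern from the description: the negation is missing, so a precommit
// whose signature verifies is rejected and one that fails verification passes.
pub fn check_inverted(key: u64, precommits: &[Precommit]) -> Result<(), &'static str> {
    for p in precommits {
        if toy_verify(key, p) { return Err("invalid signature"); }
    }
    Ok(())
}

// Corrected form: reject when verification does NOT succeed.
pub fn check_fixed(key: u64, precommits: &[Precommit]) -> Result<(), &'static str> {
    for p in precommits {
        if !toy_verify(key, p) { return Err("invalid signature"); }
    }
    Ok(())
}

// Paired regression check: a verifier passes only if it accepts the honest set
// AND rejects the forged set. Asserting one direction alone misses an inversion.
pub fn passes_paired_test(check: Check) -> bool {
    let key = 0xC0FFEE; // constructed key
    let honest: Vec<Precommit> = (0..3u8)
        .map(|s| Precommit { target: 42, signer: s, signature: toy_sign(key, 42, s) })
        .collect();
    let mut forged = honest.clone();
    for p in &mut forged { p.signature ^= 1; } // corrupt every signature
    check(key, &honest).is_ok() && check(key, &forged).is_err()
}

fn main() {
    println!("inverted check passes paired test: {}", passes_paired_test(check_inverted));
    println!("fixed check passes paired test:    {}", passes_paired_test(check_fixed));
}
```

A test suite that exercises only the rejection path, or only the acceptance path, can stay green with the inverted conditional in place; the paired check fails it in both directions.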
**Recommendations**
Update to version 15.0.1.