Product
Multiple vulnerabilities in the `mppx` npm package (versions prior to 0.4.8) allow for payment bypass, transaction replay attacks, fee manipulation, signature bypass, and channel griefing, potentially leading to financial loss and service disruption.