A vulnerability labeled as problematic has been found in ZenHive mpp up to 0.5.9. Affected is the function
cosign_fee_payer of the component Access List Handler. Executing a manipulation of the argument access list can lead to improper input validation.
The identification of this vulnerability is CVE-2026-59694. The attack may be launched remotely. There is no exploit available.