Apply suggestions from code review

Co-authored-by: oeggert <117319296+oeggert@users.noreply.github.com>
This commit is contained in:
Amarantha Kulkarni
2026-02-26 13:54:57 -08:00
committed by GitHub
parent 4094d1f76a
commit 3ca8de9646


@@ -1,6 +1,6 @@
---
category: 2026
date: "2026-02-25"
date: "2026-02-26"
template: '../../@theme/templates/blogpost'
seo:
description: This vulnerability disclosure report contains technical details of the XRP Ledger bug reported on February 19, 2026.
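Review bot: the front-matter `date` moves from 2026-02-25 to 2026-02-26, but the `seo.description` in the same block still reads "XRP Ledger bug" while the body (later in this commit) is reworded to "XRPL `Batch` amendment bug"; if the date change is meant to track the editorial revision rather than the original publication date, say so in the commit message, and update the description to match the body wording so the two do not diverge.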
@@ -14,15 +14,15 @@ markdown:
_By XRPL Labs_
This vulnerability disclosure report contains technical details of the XRPL Batch amendment reported on February 19, 2026.
This vulnerability disclosure report contains technical details of the XRPL `Batch` amendment bug reported on February 19, 2026.
**Date Reported:** February 19, 2026
**Affected Version(s):** rippled 3.1.0 (with the `featureBatch` amendment enabled)
**Affected Version(s):** rippled 3.1.0 (with the `Batch` amendment enabled)
## Summary of Vulnerability
On February 19, 2026, **Pranamya Keshkamat** and **Cantina AI** identified a critical logic flaw in the signature-validation logic of the XRPL `Batch` amendment. The bug allowed an attacker to execute inner transactions on behalf of arbitrary victim accounts without their private keys, enabling unauthorized fund transfers and ledger state changes. The amendment was in its voting phase and had not activated on mainnet; no funds were at risk. Note that even before this bug was reported, Batch amendment was already no longer in activation due to extra caution around wanting the `fixBatchInnerSigs` amendment in first.
On February 19, 2026, **Pranamya Keshkamat** and **Cantina AI** identified a critical logic flaw in the signature-validation logic of the XRPL `Batch` amendment. The bug allowed an attacker to execute inner transactions on behalf of arbitrary victim accounts without their private keys, enabling unauthorized fund transfers and ledger state changes. The amendment was in its voting phase and had not been activated on mainnet; no funds were at risk. Note that even before this bug was reported, the `Batch` amendment was disabled due to extra caution around ensuring the `fixBatchInnerSigs` amendment activated first.
UNL validators were immediately advised to vote "No" on the amendment. The emergency release **rippled 3.1.1** marks both `featureBatch` and `fixBatchInnerSigs` as unsupported, preventing activation. A corrected replacement, `BatchV1_1`, has been implemented and is currently under review; no release date has been set.
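Review bot: the rename from `featureBatch` to `Batch` in the "Affected Version(s)" line leaves the unchanged context line below it still saying "marks both `featureBatch` and `fixBatchInnerSigs` as unsupported", so the document now uses both names for the same amendment; apply the same rename there (or state once that `featureBatch` is the code-level name of the `Batch` amendment). Separately, the rewritten summary says the amendment "was in its voting phase" and, one sentence later, that it "was disabled"; these read as contradictory, and a phrasing such as "validators had already withdrawn their votes" would make the intended meaning clear.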
@@ -71,7 +71,7 @@ When the `Batch` amendment is enabled, inner transactions in a batch are intenti
2. Sign the batch message with the unfunded account's master key for its signer entry, and with the attacker's own key for a second signer entry that falsely claims to authorize the victim account.
3. Submit the batch transaction to the network.
**Expected pre-fix behavior:**
**Pre-fix behavior:**
- The batch transaction succeeds.
- The victim account's balance is reduced by the payment amount without the victim's keys being used.
@@ -84,7 +84,7 @@ When the `Batch` amendment is enabled, inner transactions in a batch are intenti
## Fixes / Patches Available
[**rippled 3.1.1**](https://github.com/XRPLF/rippled/releases/tag/3.1.1) is available now. The corrected `BatchV1_1` amendment will be included in a future release following completion of its review; no date has been set.
[**rippled 3.1.1**](https://xrpl.org/blog/2026/rippled-3.1.1) is available now. The corrected `BatchV1_1` amendment will be included in a future release following completion of its review; no date has been set.
## Acknowledgements
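Review bot: the rippled 3.1.1 link now points to the xrpl.org blog announcement instead of the GitHub release tag; the blog post is a reasonable landing page, but the release tag is the artifact readers need when verifying which build they run, so consider keeping both links (for example, "[**rippled 3.1.1**](https://xrpl.org/blog/2026/rippled-3.1.1) ([release tag](https://github.com/XRPLF/rippled/releases/tag/3.1.1))").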
@@ -94,8 +94,8 @@ Thanks also to the UNL validators who moved swiftly to vote against the affected
## References
- [rippled 3.1.1 release](https://github.com/XRPLF/rippled/releases/tag/3.1.1)
- [Community post on X](https://x.com/mikeleffer/status/2025353697979461713)
- [rippled 3.1.1 release](https://xrpl.org/blog/2026/rippled-3.1.1)
- [Community post on X](https://x.com/hrkrshnn/status/2025336360010387613)
## Contact
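Review bot: the "Community post on X" reference is replaced with a post from a different account (`hrkrshnn` instead of `mikeleffer`) while the link text stays identical, so a reader cannot tell from the rendered page that the citation changed; please confirm the new post is the intended source and give the link text the author or a short description so the reference is identifiable without following it.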