Developers behind Zcash have revealed a flaw that could have allowed an attacker to print an infinite amount of Zcash tokens. If exploited, an attacker would have been able to create an unlimited amount of shielded coins. Only four Zcash employees were aware of the issue before a fix was covertly included in the Zcash network on 28th October 2018. The vulnerability was the result of a “parameter setup algorithm” that allowed “a cheating prover to circumvent a consistency check” and thereby transformed “the proof of one statement into a valid-looking proof of a different statement”
Source: https://thehackernews.com/2019/02/zcash-cryptocurrency-hack.html