Cross-chain vulnerabilities are significant security concerns that can be exploited to steal or manipulate assets on cross-chain bridges, which have suffered hacks totaling over $2.8 billion. Cross-chain bridges are decentralized applications that facilitate asset transfer between blockchains, forming an essential part of the Web3 ecosystem. Despite their importance, they introduce potential attack vectors, necessitating robust security measures. Key vulnerabilities include poor private key management, unaudited smart contracts, insecure upgradability processes, dependency on single networks, unproven validator sets, lack of active transaction monitoring, and absence of rate limits. Effective security involves decentralization, private key protection, rigorous auditing, secure upgradability, diverse validator sets, active monitoring, and rate limits to prevent large-scale exploits. Chainlink's Cross-Chain Interoperability Protocol (CCIP) exemplifies a defense-in-depth approach by employing multiple decentralized oracle networks and layered security measures to protect against these vulnerabilities.