Skip to main content

Lightning Network Daemon

4 CVEs product

Monthly

CVE-2022-39389 Go MEDIUM POC PATCH This Month

Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Btcd Lightning Network Daemon
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-41593 HIGH POC This Week

Lightning Labs lnd before 0.13.3-beta allows loss of funds because of dust HTLC exposure. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Lightning Network Daemon
NVD GitHub
CVSS 3.1
8.6
EPSS
1.9%
CVE-2020-26896 HIGH PATCH This Week

Prior to 0.11.0-beta, LND (Lightning Network Daemon) had a vulnerability in its invoice database. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Lightning Network Daemon
NVD GitHub
CVSS 3.1
8.2
EPSS
0.7%
CVE-2020-26895 MEDIUM This Month

Prior to 0.10.0-beta, LND (Lightning Network Daemon) would have accepted a counterparty high-S signature and broadcast tx-relay invalid local commitment/HTLC transactions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Lightning Network Daemon
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Btcd Lightning Network Daemon
NVD GitHub
EPSS 2% CVSS 8.6
HIGH POC This Week

Lightning Labs lnd before 0.13.3-beta allows loss of funds because of dust HTLC exposure. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Lightning Network Daemon
NVD GitHub
EPSS 1% CVSS 8.2
HIGH PATCH This Week

Prior to 0.11.0-beta, LND (Lightning Network Daemon) had a vulnerability in its invoice database. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Lightning Network Daemon
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM This Month

Prior to 0.10.0-beta, LND (Lightning Network Daemon) would have accepted a counterparty high-S signature and broadcast tx-relay invalid local commitment/HTLC transactions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Lightning Network Daemon
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy