6.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.0%
c-lightning before 0.7.1 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states “It can be used for testing, but it should not be used for real funds.”
github.com/ElementsProject/lightning/commits/master
lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html