Lucene search
K
Lightning Network Daemon ProjectLightning Network Daemon

4 matches found

CVE
CVE
added 2020/10/21 2:0 a.m.69 views

CVE-2020-26895

CVE-2020-26895 affects LND versions prior to 0.10.0-beta. The root cause is the handling of a counterparty high-S signature which could lead to the broadcast of invalid local commitment/HTLC transactions. This allows any peer with an open channel—whether routing node, payment-sender, or payment-r...

5.3CVSS5AI score0.00698EPSS
CVE
CVE
added 2020/10/21 2:0 a.m.67 views

CVE-2020-26896

The CVE affects LND (Lightning Network Daemon) prior to version 0.11.0-beta, specifically its invoice database. The root cause is that, when claiming an on-chain HTLC output, LND did not verify that the corresponding off-chain HTLC had already been settled before releasing the preimage. In a hash...

8.2CVSS8AI score0.00729EPSS
CVE
CVE
added 2022/11/17 12:0 a.m.66 views

CVE-2022-39389

CVE-2022-39389 (lnd) affects Lightning Network Daemon (lnd) prior to v0.15.4. The vulnerability is a block parsing bug that can cause a node to enter a degraded state after processing certain blocks. In this state, a node can still forward HTLCs and make payments but cannot open channels, and on-...

8.2CVSS6.7AI score0.00999EPSS
CVE
CVE
added 2021/10/04 4:54 p.m.43 views

CVE-2021-41593

CVE-2021-41593 affects Lightning Labs lnd prior to 0.13.3-beta. The issue is described as a dust HTLC exposure that can lead to loss of funds. Root cause and impact are noted in multiple connected sources; the affected component is lnd (Lightning Network daemon). Remediation is to upgrade to v0.1...

8.6CVSS8.5AI score0.0187EPSS