Vulnerabilities > Lightning Network Daemon Project

DATE CVE VULNERABILITY TITLE RISK
2022-11-17 CVE-2022-39389 Improper Input Validation vulnerability in multiple products
Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node.
6.5
2021-10-04 CVE-2021-41593 Allocation of Resources Without Limits or Throttling vulnerability in Lightning Network Daemon Project Lightning Network Daemon
Lightning Labs lnd before 0.13.3-beta allows loss of funds because of dust HTLC exposure.
network
low complexity
lightning-network-daemon-project CWE-770
7.5
2020-10-21 CVE-2020-26896 Improper Validation of Integrity Check Value vulnerability in Lightning Network Daemon Project Lightning Network Daemon
Prior to 0.11.0-beta, LND (Lightning Network Daemon) had a vulnerability in its invoice database.
5.8
2020-10-21 CVE-2020-26895 Improper Validation of Integrity Check Value vulnerability in Lightning Network Daemon Project Lightning Network Daemon
Prior to 0.10.0-beta, LND (Lightning Network Daemon) would have accepted a counterparty high-S signature and broadcast tx-relay invalid local commitment/HTLC transactions.
network
low complexity
lightning-network-daemon-project CWE-354
5.0