Tech
Share this article

Lightning Vulnerability Discovered; LND Node Operators Urged to Upgrade ASAP

An undisclosed vulnerability in LND versions 0.10.x and below was revealed Thursday. Developers are urging node operators to update to the newest version.

By William Foxley
Updated Sep 14, 2021, 10:06 a.m. Published Oct 9, 2020, 12:58 a.m.
default image

A vulnerability in LND versions 0.10.x and below has been disclosed to the Lightning Labs team, according to engineer Conner Fromknecht in the Lightning Network developer channel Thursday. In light of the disclosure, the firm is urging node operators to upgrade to versions 0.11.0 or higher as soon as possible.

STORY CONTINUES BELOW
Don't miss another story.Subscribe to the The Protocol Newsletter today. See all newsletters
By signing up, you will receive emails about CoinDesk products and you agree to our terms of use and privacy policy.

  • No known exploitations of the vulnerability have been found to date, but "circumstances surrounding the discovery resulted in a compressed disclosure timeline," Fromknecht said.
  • The vulnerability was "partially" disclosed with a detailed publishing of the findings promised Oct. 20.
  • Lightning Labs – one of three major implementations of the Lightning Network – released its newest v0.11.1-beta on Oct. 1.
  • Lightning Labs did not respond immediately to a request for comment.

BitcoinLightning NetworkVulnerabilitiesCoinFlashLighting Labs

More For You

Protocol Research: GoPlus Security

By CoinDesk Research
Nov 14, 2025
Commissioned byGoPlus
GP Basic Image

What to know:

  • As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
  • GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
  • Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
View Full Report

More For You

Ethereum’s ‘Glamsterdam’ upgrade aims to fix MEV fairness

By AI Boost, Margaux Nijkerk|Edited by Nikhilesh De
8 hours ago
Amsterdam buildings (Unsplash/ Azhar J)

The full scope of Glamsterdam has not yet been finalized, but developers are targeting it to go live in 2026.

What to know:

  • Ethereum developers, fresh off last month’s successful Fusaka upgrade, which cut down costs for nodes, are already moving full-steam ahead on planning the blockchain’s next major change.
  • Glamsterdam is a two simultaneous upgrades taking place on Ethereum’s two core layers.
  • At the heart of the upgrade is ePBS and Block-level Access Lists.
  • Developers haven't decided on the full scope of the upgrade but are targeting it for 2026.

Read full story