{"vulnerability": "CVE-2020-26895", "sightings": [{"uuid": "aea86a38-e5cf-46fd-a3e7-197b7c6bdbc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26895", "type": "seen", "source": "https://t.me/cibsecurity/15432", "content": "\u203c CVE-2020-26895 \u203c\n\nPrior to 0.10.0-beta, LND (Lightning Network Daemon) would have accepted a counterparty high-S signature and broadcast tx-relay invalid local commitment/HTLC transactions. This can be exploited by any peer with an open channel regardless of the victim situation (e.g., routing node, payment-receiver, or payment-sender). The impact is a loss of funds in certain situations.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-10-21T07:50:34.000000Z"}]}