CVE-2019-13000
Description
Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Incorrect access control in Eclair through 0.3 allows attackers to trigger loss of funds.
Vulnerability
The vulnerability, identified as CVE-2019-13000, affects Eclair through version 0.3. It is an Incorrect Access Control flaw that allows attackers to trigger loss of funds. The project's README.md explicitly warns that it is "beta-quality software and don't put too much money in it" [1].
Exploitation
An attacker can exploit this flaw by leveraging the incorrect access control mechanisms present in the affected versions. Specific details of the attack vector or required conditions are not disclosed in the available references [2].
Impact
Successful exploitation enables an attacker to trigger a loss of funds. The exact mechanism or extent of financial loss is not elaborated in the references [1, 2].
Mitigation
Users should upgrade to a version newer than 0.3. The latest releases (e.g., v0.13.1, v0.14.0) address this issue as part of their security improvements. No workaround is provided for unpatched versions [1, 2].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Eclair/Eclairdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- github.com/ACINQ/eclair/commits/mastermitrex_refsource_MISC
- lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.htmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.