VYPR

PyPI package

lnbits

pkg:pypi/lnbits

Vulnerabilities (2)

  • CVE-2025-32013Apr 6, 2025
    affected <= 0.12.12

    LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vulnerability has been discovered in LNbits' LNURL authentication handling functionality. When processing LNURL authentication requests, the application accepts a callback URL parameter and mak

  • CVE-2024-34694HigJun 14, 2024
    affected < 0.12.6fixed 0.12.6

    LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout (about 30s) lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for t