Highest overall severity: Critical


A vulnerability in the LND implementation of Lightning Network has been discovered. All Casa Nodes need to be updated to the September 10, 2019 software update immediately to remain secure.

Changes included in this update:

Updating LND to version 0.7.1.

The following CVEs have been addressed in this update:

  • CVE-2019-12999 - (full details here were released on Friday September 27, 2019)

Change log available here.


This vulnerability can potentially result in funds held in Lightning Network channels being lost.

Products and Versions:

All Casa Nodes running on versions older than the September 10, 2019 update.

Further reading:



NIST NVD further details:

Full details for CVE-2019-12999 will be released on 2019-09-27, please update your Casa node well before then.

You’ve successfully subscribed to Casa Blog
Welcome back! You’ve successfully signed in.
Great! You’ve successfully signed up.
Your link has expired
Success! Check your email for magic link to sign-in.