Users of BTCPay Server's LNbank Plugin Urged to Upgrade to v1.8.9 ASAP
"A critical vulnerability has been found in LNBank, an external plugin you can optionally use in BTCPay Server. If you're using it, update immediately to newest version v1.8.9 to mitigate," announced BTCPay Server.
LNbank is a BTCPay Server plugin that allows to use its Lightning node as a custodial accounts system with separate Lightning wallets for non-admin users such as individual stores, friends, or family.
"I've been notified of a critical vulnerability in the LNbank plugin! I recommend all instances running LNbank to update immediately to LNbank v1.8.9 to mitigate this critical vulnerability," announced @Dennis on Nostr.
"This does not affect btcpayserver — you are only affected when running the LNbank plugin."