At approximately 2:47 PM UTC on April 25, 2026, Litecoin experienced its first chain reorganization in 14 years of operation. The network rewound 13 blocks — roughly 32 minutes of transaction history — after an attacker exploited two separate vulnerabilities in the MWEB (MimbleWimble Extension Blocks) validation code. By evening, Litecoin Core developers had pushed v0.21.5.4, an emergency release that patches both bugs. Half the network is still on vulnerable versions. If you run a node and read this tomorrow, you are lucky nobody launched a second exploit overnight.
This article breaks down what the patch fixes, how to install it, and what happens to your node if you do not.
This is the worse of the two. Discovered and silently patched in March 2026, this bug allowed an attacker to fabricate LTC out of thin air.
Here is how MWEB works under normal conditions: users can peg LTC into extension blocks for confidential transactions, then peg out (move LTC back to the transparent chain) when they want to spend normally. When pegging out, the node must verify that the MWEB output being spent actually exists and that the amount matches what was originally pegged in.
The bug: during block connection, when an MWEB input spent a previous output, the metadata it carried was not verified against the actual UTXO being consumed. In plain English: the node accepted a withdrawal receipt without checking if the deposit ever happened. An attacker exploited this to fabricate an 85,034 LTC pegout — creating Litecoin that never existed in the extension block.
The inflation was detected by Litecoin Core developers. The consensus fix was privately deployed between March 19-26. The fabricated LTC was frozen before it reached exchanges. But the silent patch created a new problem — bug #2.
The fix for the inflation bug introduced a validation asymmetry between patched and unpatched nodes. Nodes running the patched code (v0.21.5.3 and the private fix) would reject blocks containing certain MWEB data that unpatched nodes considered valid. This meant:
The result: a 13-block chain reorganization. NEAR Intents, a cross-chain protocol, lost 11,000 LTC (approximately $600,000) in a swap that was confirmed and then rolled back. The full incident timeline and impact analysis are covered in our reorg incident report.
| Version | Release Date | What It Fixed | Status |
|---|---|---|---|
| v0.21.5.1 | December 2025 | Minor RPC improvements, peer connection stability fixes | Outdated — upgrade immediately |
| v0.21.5.2 | February 2026 | Performance optimizations for MWEB validation, memory leak fix | Outdated — upgrade immediately |
| v0.21.5.3 | March 2026 (private) | MWEB inflation bug consensus fix (silent patch, not publicly announced) | Outdated — contains DoS vulnerability |
| v0.21.5.4 | April 25, 2026 | MWEB inflation fix + mining node DoS fix. Both vulnerabilities patched | Current — install this version |
If you are running anything older than v0.21.5.4, your node is either vulnerable to the inflation bug (v0.21.5.1/5.2), or it contains the DoS vulnerability that enabled the reorg (v0.21.5.3). There is no safe older version.
```
litecoin-cli stop
wget https://download.litecoin.org/litecoin-0.21.5.4/linux/litecoin-0.21.5.4-x86_64-linux-gnu.tar.gz
tar xzf litecoin-0.21.5.4-x86_64-linux-gnu.tar.gz
sudo cp litecoin-0.21.5.4/bin/* /usr/local/bin/
litecoind -daemon
litecoin-cli getnetworkinfo   # check the version field
```

After downloading, you should verify that the binary was not tampered with. This takes two minutes and protects you from supply chain attacks.
```
gpg --keyserver hkps://keys.openpgp.org --recv-keys FE3348877809386C
gpg --verify SHA256SUMS.asc SHA256SUMS   # you should see "Good signature"
sha256sum -c SHA256SUMS 2>/dev/null | grep litecoin-0.21.5.4   # you should see "OK"
```

If the signature check fails, do not install the binary. Re-download from the official site or a different mirror. A failed GPG check means the file may have been modified in transit or at the source.
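When the checksum step above is scripted instead of read by eye, the exit status of that pipeline is grep's, which is 0 whenever the file name appears, including on a `FAILED` line. The following is an added example (not from the Litecoin project or the original article) of a fail-closed gate for that step; the function names and the `sample-node.tar.gz` stand-in file are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: fail-closed checksum gate for a downloaded release tarball.
# All file names here are constructed sample data, not real release artifacts.

# The article's checksum pipeline, wrapped so its exit status can be inspected.
# The status is grep's: 0 whenever the name appears, even next to "FAILED".
naive_check() {  # usage: naive_check <dir> <name-pattern>
  ( cd "$1" && sha256sum -c SHA256SUMS 2>/dev/null | grep "$2" >/dev/null )
}

# Fail-closed gate. Returns 0 only if SHA256SUMS lists the artifact exactly
# once and the computed digest matches.
# Returns 1 on digest mismatch, 2 on a missing file or missing/ambiguous entry.
verify_release_hash() {  # usage: verify_release_hash <dir> <artifact-name>
  local dir name expected actual count
  dir=$1
  name=$2
  [ -f "$dir/SHA256SUMS" ] && [ -f "$dir/$name" ] || return 2
  # sha256sum lines are "<hex>  <name>" or "<hex> *<name>" (binary mode).
  count=$(awk -v n="$name" '{f=$2; sub(/^\*/,"",f)} f==n {c++} END {print c+0}' \
          "$dir/SHA256SUMS")
  [ "$count" -eq 1 ] || return 2
  expected=$(awk -v n="$name" '{f=$2; sub(/^\*/,"",f)} f==n {print $1}' \
             "$dir/SHA256SUMS")
  actual=$(sha256sum "$dir/$name" | awk '{print $1}')
  [ "$expected" = "$actual" ] || return 1
  return 0
}

# Build a constructed sample directory: a stand-in tarball and its SHA256SUMS.
make_sample() {  # usage: make_sample <dir>
  printf 'constructed stand-in for a release tarball\n' > "$1/sample-node.tar.gz"
  ( cd "$1" && sha256sum sample-node.tar.gz > SHA256SUMS )
}
```

In an install script, run `verify_release_hash` after the GPG signature check on `SHA256SUMS` has passed and before anything is copied into `/usr/local/bin/`, and abort on any non-zero return.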
Running an outdated Litecoin Core version after April 25 is not just suboptimal — it is actively dangerous. Here is what each older version exposes you to:
If you run a Litecoin full node for any reason — personal verification, merchant payment processing, mining, or network support — update to v0.21.5.4 today.
As of early May 2026, network crawler data shows the following version distribution across reachable Litecoin nodes:
| Version | Reachable Nodes | % of Network | Status |
|---|---|---|---|
| v0.21.5.4 | ~680 | ~52% | Current, patched |
| v0.21.5.3 | ~195 | ~15% | Inflation patched, DoS vulnerable |
| v0.21.5.2 and older | ~310 | ~24% | Both vulnerabilities present |
| v0.21.4.x and older | ~115 | ~9% | Pre-MWEB upgrade, legacy |
Roughly 48% of reachable nodes are still running vulnerable versions. That is better than the 72-hour mark post-release (when only 18% had upgraded), but it means nearly half the network is still exposed. For comparison, after Bitcoin's CVE-2018-17144 patch, it took approximately two weeks for 60% of nodes to upgrade. Litecoin is tracking behind that pace.
The nodes that matter most are mining pool nodes. If the top mining pools have upgraded (and most have publicly confirmed they did within 24 hours of the release), the network's hashrate is protected even if individual relay nodes lag behind. Check our mining dashboard for current pool distribution and version data.
CoinDesk's investigation revealed that the GitHub commit history showed the inflation bug was patched weeks before the April 25 attack. The Litecoin Foundation initially framed the v0.21.5.4 release as a rapid response to a zero-day. The commits tell a different story: code was written March 19-26 and merged privately.
This matters because the four-week gap between the private patch and the public exploit is exactly what created the validation asymmetry that the attacker exploited. Some miners had upgraded to the private fix. Others had not. The attacker exploited the split.
Responsible disclosure in cryptocurrency is genuinely difficult. Disclose too early and you hand attackers an exploit guide before nodes upgrade. Disclose too late and you create exactly the kind of fragmented network state that enabled the April 25 attack. Bitcoin Core has faced this dilemma multiple times and generally errs toward silent patching. Litecoin followed the same playbook — with worse results.
For a deeper analysis of what the MWEB exploit means for Litecoin's network security model, see our security guide. The short version: this was not a hashrate attack. The 3.34 PH/s of mining power, merged mining with Dogecoin, and difficulty adjustment all worked correctly. This was a software bug, and software bugs require software fixes — not more hashrate.
The MWEB privacy feature itself is not broken. The bug was in the validation code, not in the cryptographic protocol. MWEB confidential transactions still function as designed — hiding transaction amounts and providing genuine privacy when needed.
But the incident exposed that MWEB added significant attack surface to Litecoin's consensus layer. The MimbleWimble protocol is cryptographically complex, and that complexity harbored a critical validation bug for nearly four years (MWEB activated in May 2022). Future MWEB changes will likely undergo substantially more rigorous auditing before deployment.
If you use MWEB for privacy transactions, continue using it on v0.21.5.4. The patched code correctly validates all MWEB inputs and outputs. If you held LTC in MWEB during the March-April window, verify your balances on the current chain using your updated node.
Yes. If you run any version of Litecoin Core older than v0.21.5.4, you are running vulnerable software. The update patches two critical bugs: an MWEB inflation vulnerability (which was actively exploited) and a mining node DoS vulnerability (which enabled the 13-block chain reorganization). Update today.
If your LTC is stored in a wallet (hardware wallet, Litewallet, exchange), your coins are safe. The exploit affected MWEB validation at the protocol level, not individual wallets. However, if you run a full node, your node's view of the blockchain may be incorrect if you are on an old version. Update to v0.21.5.4 and let it re-sync to ensure your balance reflects the current canonical chain.
A chain reorganization (reorg) happens when the network switches from one version of the blockchain to another. Transactions that were confirmed on the abandoned chain are reversed — they become unconfirmed and must be re-included in new blocks. In a 13-block reorg, approximately 32 minutes of transaction history was rewound. Any transaction confirmed during that window was temporarily invalidated. Most were re-confirmed on the new chain, but time-sensitive operations like cross-chain swaps were permanently affected.
Possibly. The weeks following a major security patch are historically when secondary bugs surface. Bitcoin experienced follow-up patches after CVE-2018-17144, and Litecoin may as well. Monitor the official GitHub releases page and our on-chain dashboard for network health indicators.
If you use a light wallet (Litewallet, Electrum-LTC), a hardware wallet (Ledger, Trezor), or keep your LTC on an exchange, you do not need to install this update yourself. Your wallet provider or exchange handles the node infrastructure. However, you should verify that your exchange or wallet service has confirmed they are running v0.21.5.4. Major exchanges updated within 24-48 hours of the release. Check our wallet guide for storage recommendations.