Litecoin Shares Update on Zero Day Exploit: What Happened?

TL;DR
Litecoin reported a zero-day exploit that caused a DoS attack, disrupting major mining pools. The bug has been patched, and valid transactions remain unaffected.
Key points
- Litecoin experienced a zero-day exploit causing a DoS attack.
- The exploit disrupted major mining pools and allowed invalid transactions.
- A 13-block reorg reversed invalid transactions, keeping valid ones safe.
- The bug has been patched and the network operates normally.
Litecoin is currently in the spotlight following reports of a potential zero-day exploit, sparking concerns in the crypto community. In light of this, Litecoin developers have issued an update outlining what happened. In a five-point tweet, Litecoin's official X account outlined the sequence of events in the incident.
Litecoin stated that a zero-day bug caused a DoS attack that disrupted major mining pools. Subsequently, non-updated mining nodes allowed an invalid MWEB transaction, allowing them to peg out coins to third-party DEXs. A 13-block reorg reversed the invalid transactions and they will not be included in the main chain. The Litecoin team stated that all valid transactions during that period were unaffected.
Litecoin update:
• A zero-day bug caused a DoS attack that disrupted major mining pools.
• Non-updated mining nodes allowed an invalid MWEB transaction allowing them to peg out coins to third party DEX's
• A 13-block reorg reversed those invalid transactions — they will not…— Litecoin (@litecoin) April 25, 2026
The bug has now been fully patched, and the Litecoin network continues to operate normally. A new core version was released subsequently, including important security updates.
A 51% attack is regarded as an original threat to blockchain security, especially for proof-of-work blockchains, which include Litecoin. This is made possible by the fact that blockchain consensus algorithms essentially implement majority rule. If an attacker controls over 50% of the hashrate of a PoW blockchain, they can create new blocks faster than the rest of the network combined.
In August 2025, Monero saw an attempted 51% attack, with Qubic mining pool performing a six-block deep reorganization of the Monero ledger and orphaning around 60 blocks.
New Litecoin update released
Shortly after it provided an update on the incident, Litecoin announced a new Core version 0.21.5.4 release, which includes important security updates. It urges all node operators and wallet users to upgrade as soon as possible.
The release contains fixes for highlighted security issues and corrects MWEB input/output accounting going forward and is a required upgrade for all node operators, miners, and wallet users. It prevents kernel fee overflow during MWEB transaction validation and erases block data for mutated blocks to avoid miner DoS. Miners no longer include MWEB transactions when the input and output commitments in the block would sum to zero.
Q&A
What caused the DoS attack on Litecoin's network?
A zero-day bug was responsible for the DoS attack that disrupted major mining pools.
How did the zero-day exploit affect Litecoin transactions?
The exploit allowed non-updated mining nodes to process an invalid MWEB transaction, but a 13-block reorg reversed these invalid transactions, leaving valid ones unaffected.
What measures has Litecoin taken to address the zero-day bug?
Litecoin has fully patched the bug and released a new core version that includes important security updates.





