Ledger believes in better security through openness. The Ledger Security Bulletins describe technical details of past security issues, their potential impact and available patches or workaround.
If you believe that you have discovered a vulnerability, please report it through the bug bounty program.
|2019-10-04||LSB 007: Monero private key retrieval|
|2019-08-07||LSB 006: OLED screen side-channel vulnerability|
|2018-12-27||LSB 005: MCU bootloader verification bypass|
|2018-11-28||LSB 004: Bitcoin change address injection|
|2018-03-20||LSB 003: Isolation vulnerability|
|2018-03-20||LSB 002: Supply chain attack|
|2018-03-20||LSB 001: Padding oracle attack on SCP|
Note: these security bulletins are inspired by Qubes Security Bulletins but aren’t related in any way.