The Bluetooth SIG released an errata for the 4.2 and 5.0 versions of Bluetooth specification on July 23rd relating to a potential vulnerability with the pairing procedures.
For Bluetooth low energy; this only impacts the low energy secure connections...