CVE Catalog

CVE-2026-40959

Critical
Published: Translated: NVD NIST

Summary

Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod.

Risk Assessment

Allowing sandbox escape may lead to unauthorized access to the system and potential takeover of the application.

Recommendation

It is recommended to update Luanti to version 5.15.2 or later to mitigate this vulnerability.

Original NVD description (English source)

Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS