CVE Catalog
CVE-2026-40959
CriticalSummary
Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod.
Risk Assessment
Allowing sandbox escape may lead to unauthorized access to the system and potential takeover of the application.
Recommendation
It is recommended to update Luanti to version 5.15.2 or later to mitigate this vulnerability.
Original NVD description (English source)
Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod.

