Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod.
Description
Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod.
AI Analyst Comment
Remediation
Update Luanti Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
---METADATA---
VENDOR: Luanti
PRODUCT: Luanti
AFFECTED_VERSIONS: Versions before 5.15.2
---END_METADATA---
Description Summary:
Luanti versions before 5.15.2 are vulnerable to a Lua sandbox escape when using LuaJIT, allowing a crafted mod to execute arbitrary code.
Executive Summary:
A critical sandbox escape vulnerability in Luanti allows attackers to bypass security restrictions and achieve code execution through malicious mod files.
Vulnerability Details
CVE-ID: CVE-2026-40959
Affected Software: Luanti (formerly Minetest)
Affected Versions: Versions before 5.15.2
Vulnerability: This is a sandbox escape vulnerability occurring when the software utilizes LuaJIT. An attacker can supply a specially crafted mod to break out of the intended execution environment, leading to unauthorized system-level operations.
Business Impact
With a CVSS score of 9.3, this vulnerability poses a severe risk to organizational assets. Successful exploitation could allow a remote attacker to gain control over the underlying host system, leading to total data compromise, loss of service integrity, and potential lateral movement within the network.
Remediation Plan
Immediate Action: Upgrade all Luanti installations to version 5.15.2 or later immediately.
Proactive Monitoring: Review mod installation logs and monitor for unusual server-side process activity or unexpected file system modifications.
Compensating Controls: Restrict the ability to load third-party or untrusted mods to authorized personnel only until the software is patched.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of April 16, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw and the high CVSS score, the potential for exploitation is high; immediate patching is strongly advised.
Analyst Recommendation
The severity of this flaw cannot be overstated, as it directly undermines the isolation mechanism required for safe mod execution. Administrators must prioritize updating their Luanti instances to version 5.15.2 or higher to mitigate the risk of full system compromise.