CVE-2026-40959 | Luanti up to 5.15.1 LuaJIT inclusion of functionality from untrusted control sphere (GHSA-g596-mf82-w8c3 / EUVD-2026-23149)

A vulnerability labeled as problematic has been found in Luanti up to 5.15.1. This impacts an unknown function of the component LuaJIT. Executing a manipulation can lead to inclusion of functionality from untrusted control sphere.

This vulnerability is registered as CVE-2026-40959. The attack needs to be launched locally. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More