3 matches found
SUSE CVE-2026-40960
Luanti 5 before 5.15.2 sometimes allows unintended access to an insecure environment. If at least one mod is listed as secure.trustedmods or secure.httpmods, then a crafted mod can intercept the request for the insecure environment or HTTP API, and also receive access to it...
CVE-2026-40960
A flaw was found in Luanti. When at least one module mod is configured as trusted or secure, a specially crafted module can intercept requests to an insecure environment or the HTTP API. This allows the crafted module to gain unintended access to sensitive information and functionality within tha...
CVE-2026-40959
Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod...