VYPR
Vendor

Luanti Org

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2026-41196CriApr 23, 2026
    risk 0.58cvss 10.0epss 0.00

    Luanti (formerly Minetest) is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device.…

  • CVE-2026-40959CriApr 16, 2026
    risk 0.53cvss 9.3epss 0.00

    Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod.

  • CVE-2026-40960HigApr 16, 2026
    risk 0.46cvss 8.1epss 0.00

    Luanti 5 before 5.15.2 sometimes allows unintended access to an insecure environment. If at least one mod is listed as secure.trusted_mods or secure.http_mods, then a crafted mod can intercept the request for the insecure environment or HTTP API, and also receive access to it.