CVE-2025-26205

Name of the Vulnerable Software and Affected Versions Lua version 5.4.7

Description The issue is related to an out-of-bounds read and segmentation violation in the mainpositionTV function in ltable.c, which occurs when the debug library is used. It is worth noting that the documentation for the debug library states that its functions can violate basic assumptions about Lua code, including the possibility of crashes.

Recommendations For Lua version 5.4.7, consider avoiding the use of the debug library or its functions that may cause crashes, as a temporary workaround until a more stable solution is available.