PT-2026-33198 · Luanti · Luanti

Published

2026-04-16

Updated

2026-06-02

CVE-2026-40960

CVSS v3.1

8.1

High

Vector

AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Luanti 5 versions prior to 5.15.2

Description An issue exists where unintended access to an insecure environment may occur. If at least one mod is listed as secure.trusted mods or secure.http mods, a crafted mod can intercept and gain access to requests intended for the insecure environment or HTTP API.

Recommendations Update to version 5.15.2 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-670

Related Identifiers

CVE-2026-40960

USN-8366-1

Affected Products

Luanti

PT-2026-33198 · Luanti · Luanti

CVE-2026-40960

Weakness Enumeration

Related Identifiers

Affected Products

References · 14