Ubuntu 26.04 Luanti Important Code Execution Issues USN 8366-1
ubuntu
June 2, 2026
Several security issues were fixed in Luanti.
Summary
Several security issues were fixed in Luanti.
Software Description:
- luanti: free and open-source voxel game engine
Details:
It was discovered that Luanti, when using LuaJIT, did not properly
enforce Lua sandbox restrictions. An attacker could possibly use
this issue to execute arbitrary code. (CVE-2026-40959)
It was discovered that Luanti did not properly restrict access to
insecure environments. An attacker could possibly use this issue to
obtain unintended access to the insecure environment or HTTP API.
(CVE-2026-40960)
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS luanti 5.10.0+dfsg-5+deb13u1build0.26.04.1 luanti-data 5.10.0+dfsg-5+deb13u1build0.26.04.1 luanti-server 5.10.0+dfsg-5+deb13u1build0.26.04.1 Ubuntu 25.10 luanti 5.10.0+dfsg-5+deb13u1build0.25.10.1 luanti-data 5.10.0+dfsg-5+deb13u1build0.25.10.1 luanti-server 5.10.0+dfsg-5+deb13u1build0.25.10.1 In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-8366-1
CVE-2026-40959, CVE-2026-40960
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-8366-1
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!