EIP-2026-120685

PRE-CVE

LuaJIT 2.1.1774638290 - Arbitrary Code Execution

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-120685. PoCs published by Taurus Omar.

AI-analyzed exploit summary This Lua script demonstrates arbitrary code execution via LuaJIT's FFI (Foreign Function Interface) by leveraging unrestricted syscall access, command execution via system(), and shellcode execution via mmap(RWX). It confirms the vulnerability by comparing results from dlsym and direct syscalls, and includes a functional shellcode payload for spawning a shell.

Description

LuaJIT 2.1.1774638290 - Arbitrary Code Execution

Exploits (1)

exploitdb WORKING POC
by Taurus Omar · webappsmultiple
https://www.exploit-db.com/exploits/52554

This Lua script demonstrates arbitrary code execution via LuaJIT's FFI (Foreign Function Interface) by leveraging unrestricted syscall access, command execution via system(), and shellcode execution via mmap(RWX). It confirms the vulnerability by comparing results from dlsym and direct syscalls, and includes a functional shellcode payload for spawning a shell.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: LuaJIT 2.1.1774638290
No auth needed
Prerequisites: LuaJIT with FFI enabled · untrusted script execution context
mistral-large-3 · analyzed May 19, 2026 Full analysis →

Details

Status pre_cve
Tracked Since May 08, 2026