Litematica Security Update
Litematica is the mod many Minecraft Java players use to load, preview, and place schematic files. A security vulnerability has been reported in some Litematica and Servux versions for Minecraft 1.21+. The issue can allow files other than normal schematic files to be transferred between a server and client and placed outside the intended directory.
What you should do
- Update Litematica to the newest version available for your Minecraft version.
- If you own or manage a server and have Servux installed, update Servux as well.
- Download mod files only from trusted project pages such as Modrinth.
- Remove old Litematica and Servux jar files from your mods folder after updating.
- Restart Minecraft and check the Mods screen to confirm the updated versions are loaded.
- Do not join servers you do not trust while running an affected Litematica version.
Why this matters
The reported risk is highest when a player with an affected Litematica version joins a malicious server, or a trusted server running a vulnerable Servux version that has itself been compromised. Updating Litematica protects normal players. Updating Servux is only needed if you run a server and have Servux installed.
Download links
Use the official Modrinth project pages for the Minecraft version you play on. Do not install random jar files sent over Discord or uploaded to file sharing sites.
This notice is for players using Litematica and server owners using Servux. The safest approach is to stay updated and only join servers you trust.