Athena · Rathena · CVE-2025-58750
Name of the Vulnerable Software and Affected Versions:
rAthena versions prior to commit 0cc348b
Description:
rAthena is an open-source cross-platform massively multiplayer online role playing game (MMORPG) server. A missing bound check in the `chclif parse moveCharSlot` function can lead to out-of-bounds read and write operations triggered by user-supplied input.
Recommendations:
Update to commit 0cc348b or a later version to address the issue.