Libretro · RetroArch · CVE-2025-9136
Name of the Vulnerable Software and Affected Versions:
libretro RetroArch versions 1.18.0 through 1.20.0
Description:
A flaw has been found in the `filestream_vscanf` function in `libretro-common/streams/file_stream.c`. Manipulation of this function leads to an out-of-bounds read. The attack must be launched locally.
Recommendations:
Upgrade the affected component to version 1.21.0 to mitigate this issue.