Unrated severityNVD Advisory· Published Oct 13, 2025· Updated Oct 27, 2025

rAthena map-server use-after-free vulnerability in RODEX

CVE-2025-62170

Description

rAthena is an open-source cross-platform MMORPG server. A use-after-free vulnerability exists in the RODEX functionality of rAthena's map-server in versions prior to commit af2f3ba. An unauthenticated attacker can exploit this vulnerability via a specific attacking scenario to cause a denial of service by crashing the map-server. This issue has been patched in commit af2f3ba. There are no known workarounds aside from manually applying the patch.

Affected products

Rathena/rAthenallm-create
Range: < commit af2f3ba
rathena/rathenav5
Range: < af2f3ba33fc03dc6dd510f8cfe84cd9185af748d

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/rathena/rathena/commit/af2f3ba33fc03dc6dd510f8cfe84cd9185af748dmitrex_refsource_MISC
github.com/rathena/rathena/security/advisories/GHSA-9mj9-8vgv-r92jmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000