VYPR
Vendor

Libretro

Products
2
CVEs
4
Across products
4
Status
Private

Products

2

Recent CVEs

4
  • CVE-2025-9809CriSep 1, 2025
    risk 0.64cvss 9.8epss 0.00

    Out-of-bounds write in cdfs_open_cue_track in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATH_MAX_LENGTH that is copied using memcpy into a fixed-size buffer.

  • CVE-2021-28927HigApr 7, 2021
    risk 0.51cvss 7.8epss 0.01

    The text-to-speech engine in libretro RetroArch for Windows 1.9.0 passes unsanitized input to PowerShell through platform_win32.c via the accessibility_speak_windows function, which allows attackers who have write access on filesystems that are used by RetroArch to execute code…

  • CVE-2025-0459MedJan 14, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability, which was classified as problematic, has been found in libretro RetroArch up to 1.19.1 on Windows. Affected by this issue is some unknown functionality in the library profapi.dll of the component Startup. The manipulation leads to untrusted search path. An…

  • CVE-2025-9136MedAug 19, 2025
    risk 0.00cvss 5.3epss 0.00

    A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0…