| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-62797 | CSRF in FluxCP account endpoints allows account takeover / state-changing actions | rathena | FluxCP | - | - | 2025-10-29 17:49:08 | Deep Dive |
| CVE-2025-62170 | rAthena map-server use-after-free vulnerability in RODEX | rathena | rathena | High | 7.5 | 2025-10-13 17:45:21 | Deep Dive |
| CVE-2025-58750 | rAthena missing bound check in chclif_parse_moveCharSlot | rathena | rathena | High | 8.2 | 2025-09-09 22:14:40 | Deep Dive |
| CVE-2025-58448 | rAthena has SQL Injection in PartyBooking component via `WorldName` parameter. | rathena | rathena | Critical | 9.1 | 2025-09-09 22:12:49 | Deep Dive |
| CVE-2025-58447 | rAthena has heap-based buffer overflow in login server | rathena | rathena | Critical | 9.8 | 2025-09-09 22:11:03 | Deep Dive |
| CVE-2024-45799 | Javascript Injection in Vending Info/Buyers Info Module in FluxCP | rathena | FluxCP | High | 7.3 | 2024-09-16 18:31:03 | Deep Dive |
| CVE-2022-4421 | rAthena FluxCP Service Desk Image URL view.php cross site scripting | rAthena | FluxCP | Low | 3.5 | 2022-12-12 00:00:00 | Deep Dive |