CVE-2026-56137

RPG MAKER MV and MZ provided by Gotcha Gotcha Games Inc. contain an OS command injection vulnerability. If a user loads a specially crafted save-file, arbitrary OS command may be executed...

EUVD-2026-40256

RPG MAKER MV and MZ provided by Gotcha Gotcha Games Inc. contain an OS command injection vulnerability. If a user loads a specially crafted save-file, arbitrary OS command may be executed...

CVE-2026-56137

RPG MAKER MV and MZ (Gotcha Gotcha Games Inc.) have an OS command injection vulnerability. When a user loads a specially crafted save-file, arbitrary OS commands may be executed. Affected components and root cause are stated as OS command injection, with high impact (CVE-2026-56137). The supplied...

Argamal: Malware hidden in hentai games

In April 2026, we discovered a new malware campaign targeting players of "hentai" games. Once launched, the infected games install a previously unknown malicious implant on the user's machine. After a few days, the implant downloads and executes a Trojan, resulting in full system compromise and...

[SECURITY] Fedora 43 Update: easyrpg-player-0.8.1.1-4.fc43

EasyRPG Player is a game interpreter for RPG Maker 2000/2003 and EasyRPG game s. To play a game, run the "easyrpg-player" executable inside a RPG Maker 2000/2003 game project folder same place as RPGRT.exe...

liblcf 0.8.1 Denial of Service

lcf2xml part of liblcf aborts when parsing specially crafted RPG Maker 2000/2003 files that supply a negative element count for vectors of structured records. Version 0.8.1 is affected...