2 matches found
CVE-2021-28927
CVE-2021-28927 affects the Windows build of libretro RetroArch (1.9.0). The vulnerability resides in the text-to-speech engine: the function accessibility_speak_windows in platform_win32.c passes unsanitized input to PowerShell, enabling command-injection-like behavior when an attacker has write ...
CVE-2025-9136
CVE-2025-9136 affects libretro RetroArch 1.18.0/1.19.0/1.20.0. The flaw is in filestream_vscanf of libretro-common/streams/file_stream.c, causing an out-of-bounds read. The CVE describes a local attacker exploit and recommends upgrading to 1.21.0. Fedora advisories linked here show updates to 1.2...