{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T05:17:32.325","vulnerabilities":[{"cve":{"id":"CVE-2025-59489","sourceIdentifier":"cve@mitre.org","published":"2025-10-03T14:15:45.733","lastModified":"2025-10-22T18:12:25.693","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Unity Runtime before 2025-10-02 on Android, Windows, macOS, and Linux allows argument injection that can result in loading of library code from an unintended location. If an application was built with a version of Unity Editor that had the vulnerable Unity Runtime code, then an adversary may be able to execute code on, and exfiltrate confidential information from, the machine on which that application is running. NOTE: product status is provided for Unity Editor because that is the information available from the Supplier. However, updating Unity Editor typically does not address the effects of the vulnerability; instead, it is necessary to rebuild and redeploy all affected applications."}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.4,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-88"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-426"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:-:*:*:*","versionStartIncluding":"2017.4","versionEndIncluding":"2018.4","matchCriteriaId":"21A9623D-D8B1-41C8-838C-3A5D9DC94893"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:-:*:*:*","versionStartIncluding":"2019.1","versionEndExcluding":"2019.1.15f1","matchCriteriaId":"80164735-6B7A-4224-9681-0C8EFDACDE91"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:-:*:*:*","versionStartIncluding":"2019.2","versionEndExcluding":"2019.2.23f1","matchCriteriaId":"25B84777-C5E0-48AE-A969-55FD4DB1CC9B"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:-:*:*:*","versionStartIncluding":"2019.3","versionEndIncluding":"2019.3.17f1","matchCriteriaId":"1BD52B26-9C04-40BA-9B4C-4703DE47E5D0"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:lts:*:*:*","versionStartIncluding":"2019.4","versionEndExcluding":"2019.4.41f1","matchCriteriaId":"2844E761-7A18-439D-8A4E-EECFEF9A4BF6"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:-:*:*:*","versionStartIncluding":"2020.1","versionEndExcluding":"2020.1.18f1","matchCriteriaId":"4437C3BD-AD82-4C71-9D37-35EE28AF4666"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:-:*:*:*","versionStartIncluding":"2020.2","versionEndExcluding":"2020.2.8f1","matchCriteriaId":"C0A0F338-39D0-4273-B330-10284BFD4D45"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:-:*:*:*","versionStartIncluding":"2020.3","versionEndExcluding":"2020.3.49f1","matchCriteriaId":"1B0EDE20-DEDE-4711-85B4-42222B96A76A"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:-:*:*:*","versionStartIncluding":"2021.1","versionEndExcluding":"2021.1.29f1","matchCriteriaId":"7AE6D29B-FBDC-411B-A80C-91906F52B5D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:-:*:*:*","versionStartIncluding":"2021.2","versionEndExcluding":"2021.2.20f1","matchCriteriaId":"C9DB811C-2F11-460A-84A6-4F8428022B83"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:lts:*:*:*","versionStartIncluding":"2021.3","versionEndExcluding":"2021.3.45f2","matchCriteriaId":"BA441916-E1BB-435A-BF13-E7C881DA753F"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:-:*:*:*","versionStartIncluding":"2022.1","versionEndExcluding":"2022.1.25f1","matchCriteriaId":"7F72C377-DBDA-40FA-B21B-7088253021B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:-:*:*:*","versionStartIncluding":"2022.2","versionEndExcluding":"2022.2.23f1","matchCriteriaId":"E1BE4037-1605-43D5-96C9-F84CDE421096"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:lts:*:*:*","versionStartIncluding":"2022.3","versionEndExcluding":"2022.3.62f2","matchCriteriaId":"08C455CB-FCD6-4D86-AC8E-2509F0A7EB62"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:lts:*:*:*","versionStartIncluding":"2023.1","versionEndExcluding":"2023.1.22f1","matchCriteriaId":"565D184B-47D1-4CD7-AD7C-887FCF304DC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:lts:*:*:*","versionStartIncluding":"2023.2","versionEndExcluding":"2023.2.22f1","matchCriteriaId":"A51D8CF4-3E6D-45D2-92CB-819095A5C647"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:lts:*:*:*","versionStartIncluding":"6000.0","versionEndExcluding":"6000.0.58f2","matchCriteriaId":"D643C324-981A-4CC1-B157-31C46879B0D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:-:*:*:*","versionStartIncluding":"6000.1","versionEndExcluding":"6000.1.17f1","matchCriteriaId":"7CFEF658-7CFF-429E-94BC-501D09A0214B"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:-:*:*:*","versionStartIncluding":"6000.2","versionEndExcluding":"6000.2.6f2","matchCriteriaId":"CC4F84C7-9076-4525-ADF5-0C47A199FB92"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:*:*:*:*:-:*:*:*","versionStartIncluding":"6000.3","versionEndExcluding":"6000.3.0b4","matchCriteriaId":"8B7A8BC7-437E-4090-B951-400BB396A121"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:2017.1.2p4\\+:*:*:*:-:*:*:*","matchCriteriaId":"4D4B42AC-5124-4DC9-9868-790314FB92FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:2017.2.0p4\\+:*:*:*:-:*:*:*","matchCriteriaId":"73D7C1E8-3FCC-4F23-A906-ADAF18DF47E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:unity:editor:2017.3.0b9\\+:*:*:*:-:*:*:*","matchCriteriaId":"C9CBFCEC-8196-4423-878C-C3B8844375D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://flatt.tech/research/posts/arbitrary-code-execution-in-unity-runtime/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://unity.com/security#security-updates-and-patches","source":"cve@mitre.org","tags":["Product"]},{"url":"https://unity.com/security/sept-2025-01","source":"cve@mitre.org","tags":["Vendor Advisory"]}]}}]}