Microsoft and Steam take action as unity vulnerability puts games at risk
A high-severity vulnerability in the popular gaming and application editor Unity can allow attackers to load arbitrary libraries and achieve code execution.
Tracked as CVE-2025-59489 (CVSS score of 8.4), the security defect resides in command-line arguments through which Unity could load and execute arbitrary code.
According to security engineer RyotaK from GMO Flatt Security, the issue is related to Unity’s support for application debugging and is straightforward to exploit locally.
Read more at Security Week