rAthena is an open-source cross-platform MMORPG server. A use-after-free vulnerability exists in the RODEX functionality of rAthena's map-server in versions prior to commit af2f3ba. An unauthenticated attacker can exploit this vulnerability via a specific attacking scenario to cause a denial of service by crashing the map-server. This issue has been patched in commit af2f3ba. There are no known workarounds aside from manually applying the patch.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/62xxx/CVE-2025-62170.json",
"cna_assigner": "GitHub_M",
"cwe_ids": [
"CWE-416"
]
}[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"91595157655414875125086921230585936607",
"53300854127239451403356137490628356413",
"20727099528220984797387928030078801990",
"223072794530816846940957650644608952197"
]
},
"target": {
"file": "src/map/clif.cpp"
},
"id": "CVE-2025-62170-1bcfcfb1",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"source": "https://github.com/rathena/rathena/commit/af2f3ba33fc03dc6dd510f8cfe84cd9185af748d"
},
{
"digest": {
"length": 541.0,
"function_hash": "94505584308281800904346972716984000189"
},
"target": {
"file": "src/map/clif.cpp",
"function": "clif_mail_removeitem"
},
"id": "CVE-2025-62170-3eaeeb9c",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"source": "https://github.com/rathena/rathena/commit/af2f3ba33fc03dc6dd510f8cfe84cd9185af748d"
}
]
[
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2025-10-12"
}
]
}
]
"2026-04-12T18:28:22Z"
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-62170.json"