CVE-2026-56137

HIGH NVD

CVSS Score 7.8

Severity HIGH

Published Jun 30, 2026

Vendor unknown

Description

RPG MAKER MV and MZ provided by Gotcha Gotcha Games Inc. contain an OS command injection vulnerability. If a user loads a specially crafted save-file, arbitrary OS command may be executed.

References

https://jvn.jp/en/jp/JVN69681784/
https://rpgmakerofficial.com/en/news/4188/
https://rpgmakerofficial.com/news/4183/