epic games

Top products

The 15 most recently published vulnerabilities affecting epic games.

• CVE-2025-61973A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, w...8.8Jan 15, 2026
• CVE-2021-47739Epic Games Easy Anti-Cheat 4.0 Local Privilege Escalation via Unquoted Service Path8.4Dec 23, 2025
• CVE-2025-0567Epic Games Launcher Installer profapi.dll untrusted search path4.5Jan 19, 2025
• CVE-2024-11872Epic Games Launcher Incorrect Default Permissions Local Privilege Escalation Vulnerability7.8Dec 11, 2024
• CVE-2018-17707This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Epic Games Launcher versions prior to 8.2.2. User interaction is required to exploit this vulnera...8.8Jan 24, 2019
• CVE-2008-7015Unreal engine 3, as used in Unreal Tournament 3 1.3, Frontlines: Fuel of War 1.1.1, and other products, allows remote attackers to cause a denial of service (server exit) via a packet with a large ...5.0Aug 19, 2009
• CVE-2008-7011The Unreal engine, as used in Unreal Tournament 3 1.3, Unreal Tournament 2003 and 2004, Dead Man's Hand, Pariah, WarPath, Postal2, and Shadow Ops, allows remote authenticated users to cause a denia...4.0Aug 19, 2009
• CVE-2008-4243Directory traversal vulnerability in ImageServer (aka UTImageServer) in WebAdmin before 1.7 for Epic Games Unreal Tournament 3 (UT3) 1.3 allows remote attackers to read arbitrary files via a .. (do...7.8Sep 25, 2008
• CVE-2008-3410Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a UDP packet in which the value of a certain size field...5.0Jul 31, 2008
• CVE-2008-3409Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a UDP pa...7.5Jul 31, 2008
• CVE-2008-3396Unreal Tournament 2004 (UT2004) 3369 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a certain sequence of malformed packets.5.0Jul 31, 2008
• CVE-2003-1433Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times.4.3Oct 23, 2007
• CVE-2003-1432Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size v...10.0Oct 23, 2007
• CVE-2003-1431Buffer overflow in Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (crash) via a long host string in the Unreal URL.7.1Oct 23, 2007
• CVE-2003-1430Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL.5.0Oct 23, 2007