CNNVD-202509-3654 Information

CNNVD ID

CNNVD-202509-3654

Related CVE

CVE-2025-54081

• CNNVD Published: 2025-09-23

Description (Chinese)

Sunshine是LizardByte开源的一个 Moonlight 的自助游戏流主机。 Sunshine 2025.923.33222之前版本存在安全漏洞，该漏洞源于Windows服务SunshineService安装时未使用引号包裹可执行路径，可能导致执行恶意二进制文件。

Description (English)

Sunshine is a Moonlight self-help game stream host to Lizard Byte’s open source. Prior to Sunshine 2025.923.33222, there was a security loophole, which stemmed from the installation of the Windows service Sunshine Service without the use of quotation marks to execute the path, which could lead to the implementation of a malicious binary document.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

LizardByte

Published

2025-09-23

Last Modified

2026-02-24

References

https://github.com/LizardByte/Sunshine/commit/f22b00d6981f756d3531fba0028723d4a5065824 https://github.com/LizardByte/Sunshine/releases/tag/v2025.923.33222 https://github.com/LizardByte/Sunshine/security/advisories/GHSA-6p7j-5v8v-w45h

Patch

https://github.com/LizardByte/Sunshine/releases