PatchSiren

Unity CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Unity CVE published 2026-07-04

CVE-2026-54424

CVE-2026-54424 is an Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts, potentially leading to Elevation of Privilege. The issue affects Parsec through version 2026-05-04.0 and is patched in Parsec for Windows version 150-104a. An attacker can exploit this vulnerability by manipulating the AppData environment variable when there is an instance of parsecd.exe running as NT AUT [truncated]