wickedengine

WickedEngine is an open-source C++ 3D engine with a lightweight editor and built-in Lua scripting. Discussions on WindowsForum cover a heap-based buffer over-read vulnerability (CVE-2026-24821) in the Lua parser (lparser.C) affecting releases through 0.71.727. The flaw can be triggered when the engine compiles untrusted Lua code, and maintainers have merged corrective changes upstream. Users seeking patch guidance or technical details about this security issue will find community insights and references to the official GitHub pull request.