添加CVE-2025-59489漏洞相关说明

pirunxi · pirunxi · commit 5f9b35d252ea · 2025-10-13T18:28:12.000+08:00
diff --git a/docs/basic/install.md b/docs/basic/install.md
@@ -212,3 +212,7 @@ com.code-philosophy.hybridclr 包修改了本UnityEditor**进程内**的环境
 ## 注意事项
 
 由于 Unity 的缓存机制，更新 HybridCLR 后，一定要清除 Library\Il2cppBuildCache 目录，不然打包时不会使用最新的代码。如果你使用Installer来自动安装或者更新HybridCLR，它会自动清除这些目录，不需要你额外操作。
+
+## 其他
+
+- [CVE-2025-59489漏洞](https://unity.cn/security/sept-2025-01) 跟il2cpp没有关联，因此不需要升级hybridclr版本，只需要升级当前Unity版本到对应的patch版本或者其他已经修复此漏洞的Unity版本。
diff --git a/docs/help/faq.md b/docs/help/faq.md
@@ -53,4 +53,6 @@ HybridCLR本身只会增加很少包体(1-2M)。包体增大很多是因为你
 
 支持。AOT部分的burst代码工作正常，但热更新部分的burst代码以解释方式执行。这个是显然的。
 
+## [CVE-2025-59489漏洞](https://unity.cn/security/sept-2025-01) 需要升级到哪个hybridclr版本？
 
+此漏洞跟il2cpp没有关联，因此不需要升级hybridclr版本，只需要升级当前Unity版本到对应的patch版本或者其他已经修复此漏洞的Unity版本。
diff --git a/i18n/en/docusaurus-plugin-content-docs/current/basic/install.md b/i18n/en/docusaurus-plugin-content-docs/current/basic/install.md
@@ -210,3 +210,7 @@ For 2019 version Unity.IL2CPP.dll replacement, also use similar replacement or s
 ## Precautions
 
 Due to Unity's caching mechanism, after updating HybridCLR, you must clear the Library\Il2cppBuildCache directory, otherwise the latest code will not be used during packaging. If you use the Installer to automatically install or update HybridCLR, it will automatically clear these directories without requiring additional operations from you.
+
+## Others
+
+- [CVE-2025-59489 Vulnerability](https://unity.cn/security/sept-2025-01) is not related to IL2CPP, so there is no need to upgrade HybridCLR. You only need to update your current Unity version to the corresponding patch version or any other Unity version that has already fixed this vulnerability.
diff --git a/i18n/en/docusaurus-plugin-content-docs/current/help/faq.md b/i18n/en/docusaurus-plugin-content-docs/current/help/faq.md
@@ -52,4 +52,6 @@ Yes. However, note that the main project should be packaged with .NET Standard,
 
 Yes. Burst code in the AOT part works normally, but burst code in the hot update part executes in interpreter mode. This is expected.
 
+## [CVE-2025-59489 Vulnerability](https://unity.cn/security/sept-2025-01) — Which version of HybridCLR should I upgrade to?
 
+This vulnerability is not related to IL2CPP, so there is no need to upgrade HybridCLR. You only need to update your current Unity version to the corresponding patch version or any other Unity version that has already fixed this vulnerability.

Original file line number	Diff line number	Diff line change
`@@ -53,4 +53,6 @@ HybridCLR本身只会增加很少包体(1-2M)。包体增大很多是因为你`
`53`	`53`
`54`	`54`	`支持。AOT部分的burst代码工作正常，但热更新部分的burst代码以解释方式执行。这个是显然的。`
`55`	`55`
	`56`	`+## [CVE-2025-59489漏洞](https://unity.cn/security/sept-2025-01) 需要升级到哪个hybridclr版本？`
`56`	`57`
	`58`	`+此漏洞跟il2cpp没有关联，因此不需要升级hybridclr版本，只需要升级当前Unity版本到对应的patch版本或者其他已经修复此漏洞的Unity版本。`
Original file line number	Diff line number	Diff line change
`@@ -52,4 +52,6 @@ Yes. However, note that the main project should be packaged with .NET Standard,`
`52`	`52`
`53`	`53`	`Yes. Burst code in the AOT part works normally, but burst code in the hot update part executes in interpreter mode. This is expected.`
`54`	`54`
	`55`	`+## [CVE-2025-59489 Vulnerability](https://unity.cn/security/sept-2025-01) — Which version of HybridCLR should I upgrade to?`
`55`	`56`
	`57`	`+This vulnerability is not related to IL2CPP, so there is no need to upgrade HybridCLR. You only need to update your current Unity version to the corresponding patch version or any other Unity version that has already fixed this vulnerability.`