CD Projekt Red has released a hotfix for Cyberpunk 2077 to fix a remote code execution vulnerability that could be exploited by third-party data file modifications and save games files. CyberpunkSaveEditor creator PixelRick disclosed a buffer overflow vulnerability chained with a non-ASLR DLL (xinput1_3.dll) allows specially crafted save games or modifications to perform code execution on a PC. The vulnerability could have allowed attackers to execute commands on the computer, including download and installing malware.
Source: https://www.bleepingcomputer.com/news/security/cyberpunk-2077-bug-fixed-that-let-malicious-mods-take-over-pcs/