CVE-2026-41015
CVE-2026-41015 affects radare2 prior to the commit 9236f44. On UNIX configurations without SSL, a PDB name passed to rabin2 -PP can lead to local command injection. The vulnerability window is stated as between 6.1.2 and 6.1.3, with the fix introduced by the commit 9236f44 (referenced in the link...