216 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-14757
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function coreanalbytes of the file libr/core/cmdanal.inc. This manipulation...
Linux Distros Unpatched Vulnerability : CVE-2026-14788
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in radareorg radare2 up to 6.1.6. Affected by this vulnerability is the function rcorebinload of the file...
Linux Distros Unpatched Vulnerability : CVE-2026-14787
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in radareorg radare2 up to 6.1.6. Affected is the function cmdprint in the library libr/core/cmdprint.inc of the component pb Pri...
Linux Distros Unpatched Vulnerability : CVE-2026-14759
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in radareorg radare2 up to 6.1.6. This issue affects the function rbinjavainnerclassesattrcalcsize of the file...
UBUNTU-CVE-2026-14788
A security vulnerability has been detected in radareorg radare2 up to 6.1.6. Affected by this vulnerability is the function rcorebinload of the file libr/core/cfile.c. Such manipulation leads to use after free. The attack needs to be performed locally. The exploit has been disclosed publicly and...
CVE-2026-14786
A security flaw has been discovered in radareorg radare2 up to 6.1.6. This impacts the function rstrwordget0set of the file libr/util/str.c. The manipulation results in integer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be use...
CVE-2026-14786 radareorg radare2 str.c r_str_word_get0set integer overflow
A security flaw has been discovered in radareorg radare2 up to 6.1.6. This impacts the function rstrwordget0set of the file libr/util/str.c. The manipulation results in integer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be use...
PT-2026-55852
Name of the Vulnerable Software and Affected Versions radareorg radare2 versions prior to 6.1.7 Description A stack-based buffer overflow exists in the Memory64ListStream Parser component within the file libr/bin/format/mdmp/mdmp.c. This issue can be triggered through local manipulation...
PT-2026-55850
Name of the Vulnerable Software and Affected Versions radareorg radare2 versions prior to 6.1.7 Description A use after free issue exists in the r core bin load function within the libr/core/cfile.c file. This flaw allows a local attacker to trigger the condition through specific manipulation. Us...
EUVD-2026-41771
A security vulnerability has been detected in radareorg radare2 up to 6.1.6. The affected element is the function rstrndup/rstrappend of the file libr/util/str.c. The manipulation leads to integer overflow. An attack has to be approached locally. The exploit has been disclosed publicly and may be...
CVE-2026-14760
A weakness has been identified in radareorg radare2 up to 6.1.6. Impacted is the function rcoreseekarchbits of the file libr/core/disasm.c of the component regprofile Handler. Executing a manipulation can lead to use after free. The attack requires local access. The exploit has been made availabl...
CVE-2026-14757
A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function coreanalbytes of the file libr/core/cmdanal.inc. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. It is...
CVE-2026-14759
A security flaw has been discovered in radareorg radare2 up to 6.1.6. This issue affects the function rbinjavainnerclassesattrcalcsize of the file shlr/java/class.c of the component RBinJava Line Number Table Parser. Performing a manipulation results in heap-based buffer overflow. The attack...
CVE-2026-14757
A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function coreanalbytes of the file libr/core/cmdanal.inc. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. It is...
EUVD-2026-41766
A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function coreanalbytes of the file libr/core/cmdanal.inc. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. It is...
PT-2026-55809
Name of the Vulnerable Software and Affected Versions radareorg radare2 versions prior to 6.1.7 Description A heap-based buffer overflow occurs in the RBinJava Line Number Table Parser component within the r bin java inner classes attr calc size function located in the shlr/java/class.c file. Thi...
PT-2026-55807
Name of the Vulnerable Software and Affected Versions radareorg radare2 versions prior to 6.1.7 Description An integer overflow occurs in the hexpairs Parser component within the cmd anal opcode function located in the libr/core/cmd anal.inc.c file. This issue requires local access to be exploite...
Linux Distros Unpatched Vulnerability : CVE-2026-6940
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - radare2 prior to 6.1.4 contains a path traversal vulnerability in project deletion that allows local attackers to recursively delete arbitrary directories by...
CVE-2026-40517
A flaw was found in radare2 that could lead to arbitrary operating system OS command execution. A local user could be exploited through a command injection vulnerability in the PDB Program Database parser. By processing a specially crafted malicious PDB file, the idp command would execute arbitra...
EUVD-2026-25301
radare2 prior to 6.1.4 contains a path traversal vulnerability in project deletion that allows local attackers to recursively delete arbitrary directories by supplying absolute paths that escape the configured dir.projects root directory. Attackers can craft absolute paths to project marker files...