Radare Radare2 vulnerabilities

153 known vulnerabilities affecting radare/radare2.

Total CVEs: 153
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 14, HIGH 60, MEDIUM 70, LOW 9

Vulnerabilities

Page 1 of 8
CVE-2026-41015 | HIGH | CVSS 7.4 | ≥ 01ca2f61fa43bd3f4b732447de31b16039d820c0, < 9236f44a28812fe911814e1b3a7bcf1e4de5d3c2 | 2026-04-16
CWE-78: radare2 before 9236f44, when configured on UNIX without SSL, allows command injection via a PDB name to rabin2 -PP. NOTE: although users are supposed to use the latest version from git (not a release), the date range for the vulnerable code was less than a week, occurring after 6.1.2 but before 6.1.3.
Source: nvd
CVE-2025-63744 | MEDIUM | CVSS 4.3 | ≤ 6.0.5 | 2025-11-14
CWE-476: A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the load() function of bin_dyldcache.c. Processing a crafted file can cause a segmentation fault and crash the program.
Source: nvd
CVE-2025-63745 | MEDIUM | CVSS 5.5 | ≤ 6.0.5 | 2025-11-14
CWE-476: A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_ne.c. A crafted binary input can trigger a segmentation fault, leading to a denial of service when the tool processes malformed data.
Source: nvd
CVE-2025-60360 | MEDIUM | CVSS 5.5 | ≤ 5.9.8 | 2025-10-17
CWE-401: radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init.
Source: nvd
CVE-2025-60359 | MEDIUM | CVSS 5.5 | ≤ 5.9.8 | 2025-10-17
CWE-401: radare2 v5.9.8 and before contains a memory leak in the function r_bin_object_new.
Source: nvd
CVE-2025-60361 | LOW | CVSS 3.3 | ≤ 5.9.8 | 2025-10-17
CWE-401: radare2 v5.9.8 and before contains a memory leak in the function bochs_open.
Source: nvd
CVE-2025-60358 | MEDIUM | CVSS 5.5 | ≤ 5.9.8 | 2025-10-16
CWE-401: radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations.
Sources: nvd, osv
CVE-2025-5642 | LOW | CVSS 2.0 | v5.9.9 | 2025-06-05
CWE-119: A vulnerability classified as problematic has been found in Radare2 5.9.9. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation leads to memory corruption. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exp
Source: nvd
CVE-2025-5648 | LOW | CVSS 2.0 | v5.9.9 | 2025-06-05
CWE-119: A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told
Source: nvd
CVE-2025-5644 | LOW | CVSS 2.0 | v5.9.9 | 2025-06-05
CWE-119: A vulnerability, which was classified as problematic, has been found in Radare2 5.9.9. Affected by this issue is the function r_cons_flush in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to use after free. Local access is required to approach this attack. The complexity of an attack is rather high. The
Source: nvd
CVE-2025-5647 | LOW | CVSS 2.0 | v5.9.9 | 2025-06-05
CWE-119: A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the function r_cons_context_break_pop in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitatio
Source: nvd
CVE-2025-5646 | LOW | CVSS 2.0 | v5.9.9 | 2025-06-05
CWE-119: A vulnerability has been found in Radare2 5.9.9 and classified as problematic. This vulnerability affects the function r_cons_rainbow_free in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to launch the attack on the local host. The complexity of an attack is rather hi
Source: nvd
CVE-2025-5643 | LOW | CVSS 2.0 | v5.9.9 | 2025-06-05
CWE-119: A vulnerability classified as problematic was found in Radare2 5.9.9. Affected by this vulnerability is the function cons_stack_load in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation
Source: nvd
CVE-2025-5645 | LOW | CVSS 2.0 | v5.9.9 | 2025-06-05
CWE-119: A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to
Source: nvd
CVE-2025-5641 | LOW | CVSS 2.0 | v5.9.9 | 2025-06-05
CWE-119: A vulnerability was found in Radare2 5.9.9. It has been rated as problematic. This issue affects the function r_cons_is_breaked in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The ex
Source: nvd
CVE-2025-1864 | CRITICAL | CVSS 10.0 | ≤ 5.9.8 | 2025-03-03
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers. This issue affects radare2: before <5.9.9.
Source: nvd
CVE-2025-1744 | CRITICAL | CVSS 10.0 | ≤ 5.9.8 | 2025-02-28
CWE-787: Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow. This issue affects radare2: before <5.9.9.
Source: nvd
CVE-2025-1378 | MEDIUM | CVSS 4.8 | v5.9.9, v5.9.9 33286 | 2025-02-17
CWE-119: A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 6.0.0 is
Source: nvd
CVE-2024-29646 | CRITICAL | CVSS 9.8 | v5.8.8 | 2024-12-17
CWE-120: Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the name, type, or group fields.
Source: nvd
CVE-2024-11858 | HIGH | CVSS 7.8 | ≤ 5.9.8 | 2024-12-15
CWE-78: A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing.
Source: nvd
Radare Radare2 vulnerabilities | cvebase