Radareorg Radare2 vulnerabilities

5 known vulnerabilities affecting radareorg/radare2.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH2

Vulnerabilities

Page 1 of 1
CVE-2026-40527HIGHCVSS 8.5fixed in bc5a89033db3ecb5b1f7bf681fc6ba4dcfc146832026-04-17
CVE-2026-40527 [HIGH] CWE-78 CVE-2026-40527: radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj command radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj command path where crafted ELF binaries can embed malicious r2 command sequences as DWARF DW_TAG_formal_parameter names. Attackers can craft a binary with shell commands in DWARF parameter names that execute when radare2 analyzes the binary with aaa and subsequ
nvd
CVE-2026-40499HIGHCVSS 8.4fixed in 6.1.42026-04-15
CVE-2026-40499 [HIGH] CWE-78 CVE-2026-40499: radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's print_ radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's print_gvars() function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted section names to inject r2 commands that are executed wh
nvd
CVE-2025-1864CRITICALCVSS 10.0fixed in <5.9.92025-03-03
CVE-2025-1864 [CRITICAL] CWE-119 CVE-2025-1864: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg r Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This issue affects radare2: before <5.9.9.
nvd
CVE-2025-1744CRITICALCVSS 10.0fixed in <5.9.92025-02-28
CVE-2025-1744 [CRITICAL] CWE-787 CVE-2025-1744: Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffe Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow.This issue affects radare2: before <5.9.9.
nvd
CVE-2020-15121CRITICALCVSS 9.6fixed in 4.5.02020-07-20
CVE-2020-15121 [CRITICAL] CWE-78 CVE-2020-15121: In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injecti In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current directory.
nvd