Radare Radare2
29 CVEs affecting Radare Radare2. Latest disclosed: 2026-05-15. Critical: 0, High: 17.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-40527 | High | 7.8 | 2026-04-17 | radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj command path where crafted ELF binaries can embed malicious r2 com… |
| CVE-2026-40499 | High | 7.8 | 2026-04-15 | radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's print_gvars() function that allows attackers to execute arbitrary… |
| CVE-2017-16358 | High | 7.8 | 2017-11-01 | In radare 2.0.1, an out-of-bounds read vulnerability exists in string_scan_range() in libr/bin/bin.c when doing a string search. |
| CVE-2017-16357 | High | 7.8 | 2017-11-01 | In radare 2.0.1, a memory corruption vulnerability exists in store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c, a… |
| CVE-2017-15932 | High | 7.8 | 2017-10-27 | In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/el… |
| CVE-2017-15931 | High | 7.8 | 2017-10-27 | In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verneed() in libr/bin/format/elf/e… |
| CVE-2017-15385 | High | 7.8 | 2017-10-16 | The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c in radare2 2.0.0 allows remote attackers to cause a denial of service (r_read_le16 inval… |
| CVE-2017-15368 | High | 7.8 | 2017-10-16 | The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and appl… |
| CVE-2017-10929 | High | 7.8 | 2017-07-05 | The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and applic… |
| CVE-2017-9949 | High | 7.8 | 2017-06-26 | The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and appl… |
| CVE-2017-6448 | High | 7.8 | 2017-04-03 | The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service (stack-based buffer overflow a… |
| CVE-2017-6194 | High | 7.8 | 2017-04-03 | The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application… |
| CVE-2017-6319 | High | 7.8 | 2017-03-02 | The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer overflow and applicatio… |
| CVE-2026-8696 | High | 7.5 | 2026-05-15 | radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the GDB client core that allows remote attackers to cause a denia… |
| CVE-2026-8695 | High | 7.5 | 2026-05-15 | radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_threads_list() function that allows remote attackers to trigger memory corruption by sending… |
| CVE-2017-9763 | High | 7.5 | 2017-06-19 | The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause… |
| CVE-2026-41015 | High | 7.4 | 2026-04-16 | radare2 before 9236f44, when configured on UNIX without SSL, allows command injection via a PDB name to rabin2 -PP. NOTE: although users are supposed to use th… |
| CVE-2017-16805 | Medium | 5.5 | 2017-11-13 | In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file, related to… |
| CVE-2017-16359 | Medium | 5.5 | 2017-11-01 | In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c. |
| CVE-2017-9762 | Medium | 5.5 | 2017-06-19 | The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via… |