Rizinorg Rizin
15 CVEs affecting Rizinorg Rizin. Latest disclosed: 2026-05-29. Critical: 0, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2024-53256 | High | 7.8 | 2024-12-23 | Rizin is a UNIX-like reverse engineering framework and command-line toolset. `rizin.c` still had an old snippet of code which suffered a command injection due… |
| CVE-2023-40022 | High | 7.8 | 2023-08-24 | Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.6.0 and prior are vulnerable to integer overflow in `consume_count` of… |
| CVE-2023-27590 | High | 7.8 | 2023-03-14 | Rizin is a UNIX-like reverse engineering framework and command-line toolset. In version 0.5.1 and prior, converting a GDB registers profile file into a Rizin r… |
| CVE-2022-36039 | High | 7.8 | 2022-09-06 | Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to out-of-bounds write when parsing DEX fi… |
| CVE-2022-36044 | High | 7.8 | 2022-09-06 | Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting dat… |
| CVE-2022-36043 | High | 7.8 | 2022-09-06 | Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rz_bin_reloc_st… |
| CVE-2022-36042 | High | 7.8 | 2022-09-06 | Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting dat… |
| CVE-2022-36041 | High | 7.8 | 2022-09-06 | Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when parsing Mac… |
| CVE-2022-36040 | High | 7.8 | 2022-09-06 | Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting dat… |
| CVE-2021-43814 | High | 7.7 | 2021-12-13 | Rizin is a UNIX-like reverse engineering framework and command-line toolset. In versions up to and including 0.3.1 there is a heap-based out of bounds write in… |
| CVE-2025-1788 | Medium | 5.3 | 2025-03-01 | A vulnerability, which was classified as critical, was found in rizinorg rizin up to 0.8.0. This affects the function rz_utf8_encode in the library /librz/util… |
| CVE-2025-1786 | Medium | 5.3 | 2025-03-01 | A vulnerability was found in rizinorg rizin up to 0.7.4. It has been rated as critical. This issue affects the function msf_stream_directory_free in the librar… |
| CVE-2026-22780 | Medium | 4.4 | 2026-02-02 | Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, havi… |
| CVE-2026-45613 | Low | 3.3 | 2026-05-29 | Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability… |
| CVE-2026-45324 | Low | 3.3 | 2026-05-29 | Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search() due wr… |