Suggestions search

Untriaged

Filter by:

With package: radare2

Found 3 matching suggestions

View:

Compact

Detailed

Permalink CVE-2026-6940

7.1 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 3 weeks, 1 day ago Activity log

Created suggestion 3 weeks, 1 day ago

radare2 < 6.1.4 Project Deletion Path Traversal Directory Deletion

radare2 prior to 6.1.4 contains a path traversal vulnerability in project deletion that allows local attackers to recursively delete arbitrary directories by supplying absolute paths that escape the configured dir.projects root directory. Attackers can craft absolute paths to project marker files outside the project storage boundary to cause recursive deletion of attacker-chosen directories with permissions of the radare2 process, resulting in integrity and availability loss.

References

Pull Request exploittechnical-description
Patch Commit issue-tracking
https://www.vulncheck.com/advisories/radare2-project-deletion-path-traversal-di… third-party-advisory

Affected products

radare2

<6.1.4
<e5fcf56fe038760c872c6dbed432602778fde1ed git

Matching in nixpkgs

pkgs.radare2

UNIX-like reverse engineering framework and command-line toolset

nixos-unstable 6.1.2
- nixpkgs-unstable 6.1.2
- nixos-unstable-small 6.1.2
nixos-25.11 6.1.2
- nixos-25.11-small 6.1.2
- nixpkgs-25.11-darwin 6.1.2

Package maintainers

@arkivm Vikram Narayanan <vikram186@gmail.com>
@azahi Azat Bahawi <azat@bahawi.net>
@Mic92 Jörg Thalheim <joerg@thalheim.io>
@7c6f434c Michael Raskin <7c6f434c@mail.ru>
@makefu Felix Richter <makefu@syntax-fehler.de>

Permalink CVE-2026-6941

6.6 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): High (H)
Availability (A): Low (L)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): Low (L)

created 3 weeks, 1 day ago Activity log

Created suggestion 3 weeks, 1 day ago

radare2 < 6.1.4 Project Notes Path Traversal via Symlink

radare2 prior to 6.1.4 contains a path traversal vulnerability in its project notes handling that allows attackers to read or write files outside the configured project directory by importing a malicious .zrp archive containing a symlinked notes.txt file. Attackers can craft a .zrp archive with a symlinked notes.txt that bypasses directory confinement checks, allowing note operations to follow the symlink and access arbitrary files outside the dir.projects root directory.

References

Pull Request exploittechnical-description
Patch Commit issue-tracking
https://www.vulncheck.com/advisories/radare2-project-notes-path-traversal-via-s… third-party-advisory

Affected products

radare2

<4bcdee725ff0754ed721a98789c0af371c5f32a4
<6.1.4

Matching in nixpkgs

pkgs.radare2

UNIX-like reverse engineering framework and command-line toolset

nixos-unstable 6.1.2
- nixpkgs-unstable 6.1.2
- nixos-unstable-small 6.1.2
nixos-25.11 6.1.2
- nixos-25.11-small 6.1.2
- nixpkgs-25.11-darwin 6.1.2

Package maintainers

@arkivm Vikram Narayanan <vikram186@gmail.com>
@azahi Azat Bahawi <azat@bahawi.net>
@Mic92 Jörg Thalheim <joerg@thalheim.io>
@7c6f434c Michael Raskin <7c6f434c@mail.ru>
@makefu Felix Richter <makefu@syntax-fehler.de>

Permalink CVE-2026-6942

9.8 CRITICAL

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 3 weeks, 1 day ago Activity log

Created suggestion 3 weeks, 1 day ago

radare2-mcp <=1.6.0 OS Command Injection via Shell Metacharacter Bypass

radare2-mcp version 1.6.0 and earlier contains an os command injection vulnerability that allows remote attackers to execute arbitrary commands by bypassing the command filter through shell metacharacters in user-controlled input passed to r2_cmd_str(). Attackers can inject shell metacharacters through the jsonrpc interface parameters to achieve remote code execution on the host running radare2-mcp without requiring authentication.

References

Pull Request exploittechnical-description
Patch Commit issue-tracking
https://www.vulncheck.com/advisories/radare2-mcp-os-command-injection-via-shell… third-party-advisory

Affected products

radare2

<482cde6500009112a8bc0b3fa8d2ef6180581ec0
<1.6.0

Matching in nixpkgs

pkgs.radare2

UNIX-like reverse engineering framework and command-line toolset

nixos-unstable 6.1.2
- nixpkgs-unstable 6.1.2
- nixos-unstable-small 6.1.2
nixos-25.11 6.1.2
- nixos-25.11-small 6.1.2
- nixpkgs-25.11-darwin 6.1.2

Package maintainers

@arkivm Vikram Narayanan <vikram186@gmail.com>
@azahi Azat Bahawi <azat@bahawi.net>
@Mic92 Jörg Thalheim <joerg@thalheim.io>
@7c6f434c Michael Raskin <7c6f434c@mail.ru>
@makefu Felix Richter <makefu@syntax-fehler.de>