Shodan
Vulnerabilities
Vulnerable Software
Radare:  >> Radare2  >> 1.0.2  Security Vulnerabilities
CVE-2025-63745
A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_ne.c. A crafted binary input can trigger a segmentation fault, leading to a denial of service when the tool processes malformed data.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-11-14
CVE-2025-63744
A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the load() function of bin_dyldcache.c. Processing a crafted file can cause a segmentation fault and crash the program.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-11-14
CVE-2025-60361
radare2 v5.9.8 and before contains a memory leak in the function bochs_open.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-10-17
CVE-2025-60360
radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-10-17
CVE-2025-60359
radare2 v5.9.8 and before contains a memory leak in the function r_bin_object_new.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-10-17
CVE-2025-60358
radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-10-16
CVE-2025-1864
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This issue affects radare2: before <5.9.9.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-03-03
CVE-2025-1744
Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow.This issue affects radare2: before <5.9.9.
CVSS Score
9.8
EPSS Score
0.003
Published
2025-02-28
CVE-2024-11858
A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing​
CVSS Score
8.6
EPSS Score
0.001
Published
2024-12-15
CVE-2024-26475
An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-03-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved