radare2 — Vulnerabilities & Security Advisories 2

Browse all 2 CVE security advisories affecting radare2. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by radare2: radare2

[security] fix(project): confine project deletion to dir.projects by Hinotoi-agent · Pull Request #25830 · radareorg/rad

Medium2026-04-24

Fix #45 - Enable sandbox by default -g to setup the granularity · radareorg/radare2-mcp@482cde6 · GitHub

Medium2026-04-24

[security] fix(project): ignore symlinked imported notes by Hinotoi-agent · Pull Request #25831 · radareorg/radare2 · Gi

Medium2026-04-24

Ignore symlinked notes ##projects · radareorg/radare2@4bcdee7 · GitHub

Fix #25730 - Base64 encode PDB realnames before use in r2 command by jro-calif · Pull Request #25731 · radareorg/radare2

Critical2026-04-23

[Security] Command injection caused by lack of sanitization of PDB symbol names · Issue #25730 · radareorg/radare2

Fix cmd injection via unsanitized DWARF arg name in afsv ##security · radareorg/radare2@bc5a890 · GitHub

Fix cmd injection via unsanitized DWARF arg name in afsv ##anal by s-zaizen · Pull Request #25821 · radareorg/radare2 ·

Fix #25752 - Another command injection caused by the bad previous fix… · radareorg/radare2@5590c87 · GitHub

Critical2026-04-18

[security] Command injection via PDB section header name in print_gvars() · Issue #25752 · radareorg/radare2

Fix #25650 - Command injection in curl PDB download ##crash · radareorg/radare2@9236f44 · GitHub

advisories/advisories/radare2-nullptr-deref-bin_dyldcache.md at main · marlinkcyber/advisories · GitHub

Segmentation fault (SIGSEGV) in load (bin_dyldcache.c:1159) - null pointer of type 'struct RIODesc' · Issue #24661 · rad

LowCVE-2025-637452025-11-15

advisories/advisories/MCSAID-2025-001-radare2-nullptr-deref-bin_ne.md at main · marlinkcyber/advisories · GitHub

Segmentation fault (SIGSEGV) in info (bin_ne.c:83) · Issue #24660 · radareorg/radare2

Showing up to 20 recent security advisories. View all →

This page lists every published CVE security advisory associated with radare2. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.