Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

rizinorg — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting rizinorg. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Rizinorg develops the reverse engineering framework Rizin, primarily used for binary analysis and disassembly. Historically, its vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation failures and insecure memory handling. The project maintains an active security response, addressing issues through regular updates. While no major public incidents have been documented, the 13 CVEs on record highlight potential risks in handling untrusted input, particularly in its web interface and plugin system. Security researchers have identified vulnerabilities in components like rz-ghidra and rz-pjs, emphasizing the need for careful input sanitization when processing external files.

Top products by rizinorg: rizin
CVE IDTitleCVSSSeverityPublished
CVE-2026-22780 Rizin has a heap overflow on mach0_chained_fixups.c — rizinCWE-770 4.4 Medium2026-02-02
CVE-2025-1788 rizinorg rizin utf8.c rz_utf8_encode heap-based overflow — rizinCWE-122 5.3 Medium2025-03-01
CVE-2025-1786 rizinorg rizin pdb.c msf_stream_directory_free buffer overflow — rizinCWE-120 5.3 Medium2025-03-01
CVE-2024-53256 Rizin has a command injection via RzBinInfo bclass due legacy code — rizinCWE-78 7.8 High2024-12-23
CVE-2023-40022 Rizin vulnerable to Integer Overflow in C++ demangler logic — rizinCWE-190 7.8 High2023-08-24
CVE-2023-27590 Rizin has stack-based buffer overflow when parsing GDB registers profile files — rizinCWE-121 7.8 High2023-03-14
CVE-2022-36039 Out-of-bounds write when parsing DEX files in Rizin — rizinCWE-787 7.8 High2022-09-06
CVE-2022-36040 Rizin Out-of-bounds Write vulnerability in pyc/marshal.c — rizinCWE-787 7.8 High2022-09-06
CVE-2022-36041 Rizin Out-of-bounds Write vulnerability in Mach-O binary plugin — rizinCWE-787 7.8 High2022-09-06
CVE-2022-36042 Rizin Out-of-bounds Write vulnerability in dyld cache binary plugin — rizinCWE-787 7.8 High2022-09-06
CVE-2022-36043 Rizin Double Free in bobj.c when using qnx binary plugin — rizinCWE-415 7.8 High2022-09-06
CVE-2022-36044 Rizin Out-of-bounds Write vulnerability in Lua binary plugin — rizinCWE-787 7.8 High2022-09-06
CVE-2021-43814 Heap-based OOB write when parsing dwarf DIE info in Rizin — rizinCWE-787 7.7 High2021-12-13

This page lists every published CVE security advisory associated with rizinorg. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.