Memory Leak Vulnerability in Radare2 by Radare Org
CVE-2025-60361

3.3LOW

Key Information:

Vendor: Radare Org
Status: Radare2
Vendor: CVE Published:; 17 October 2025

What is CVE-2025-60361?

Radare2 versions up to and including v5.9.8 exhibit a memory leak in the bochs_open function. This issue may cause the application to consume an excessive amount of memory, potentially leading to degraded performance and exposing sensitive data to unauthorized access. Users are advised to update to the latest version to mitigate these risks.

References

https://github.com/radareorg/radare2/pull/24312

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 17, 2025
Vulnerability Reserved
Sep 26, 2025

CVE-2025-60361 Data

JSON