Integer Overflow Vulnerability in radareorg radare2 Product
CVE-2026-14787
Key Information:
Badges
What is CVE-2026-14787?
A weakness has been identified in the radare2 product from radareorg, specifically within the cmd_print function in the libr/core/cmd_print.inc component. This vulnerability allows for an integer overflow condition, which can be exploited locally. The public availability of an exploit raises concerns regarding potential attacks against affected systems. It is crucial to apply the recommended patch (commit 2b6265476c75567006b0fcbb749f4ae7b189c5df) to mitigate this issue effectively.
Affected Version(s)
radare2 6.1.0
radare2 6.1.1
radare2 6.1.2
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved
