Command Injection Vulnerability in radare2 PDB Parser
CVE-2026-40499
8.4HIGH
Key Information:
Badges
๐พ Exploit Exists
What is CVE-2026-40499?
radare2, prior to version 6.1.4, is susceptible to a command injection vulnerability located in the PDB parser's print_gvars() function. This vulnerability allows attackers to execute arbitrary commands by inserting a newline byte into the PE section header name field of a maliciously crafted PDB file. An attacker could exploit this flaw by embedding specially crafted section names, which would execute unauthorized r2 commands during the processing of the file using the idp command.
Affected Version(s)
radare2 0 < 6.1.4
radare2 5590c87deeb7eb2a106fd7aab9ca88bfeebb7397
References
CVSS V4
Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved
Credit
junrong of Calif
