Heap Buffer Overflow in Rizin UNIX-like Reverse Engineering Framework
CVE-2026-45613

3.3 LOW

Key Information:

Vendor: Rizinorg

CVE Published: 29 May 2026

What is CVE-2026-45613?

A heap buffer overflow exists in the OMF format parser of Rizin, a UNIX-like reverse engineering framework, caused by improper handling of input. The flaw can potentially lead to unauthorized access or arbitrary code execution, compromising the system's integrity. It is fixed in commit e6d0937c8a083e23ed76ccfb9f631cdc50c7af47, which adds the validation checks needed to mitigate the risk of exploitation.

Affected Version(s)

rizin < e6d0937c8a083e23ed76ccfb9f631cdc50c7af47

CVSS V3.1

Score: 3.3
Severity: LOW
Confidentiality: Low
Integrity: None
Availability: Low
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
