CVE Catalog

CVE-2026-14757

MediumCVSS 5.3
Published: Translated: NVD NIST

Summary

A vulnerability was found in radareorg radare2 up to version 6.1.6 in the core_anal_bytes function of libr/core/cmd_anal.inc. Manipulation leads to integer overflow. The attack requires local access and the exploit has been publicly disclosed.

Risk Assessment

A local attacker could exploit the integer overflow to cause system instability or potentially escalate privileges, threatening the integrity and availability of the analyzed environment.

Recommendation

Immediately apply the available patch for radare2 to fix the vulnerability. It is also recommended to restrict local access to the system.

Original NVD description (English source)

A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function core_anal_bytes of the file libr/core/cmd_anal.inc. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. It is suggested to install a patch to address this issue.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS