Description
A security vulnerability has been detected in radareorg radare2 up to 6.1.6. Affected by this vulnerability is the function r_core_bin_load of the file libr/core/cfile.c. Such manipulation leads to use after free. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used. The name of the patch is 635ab1eeb30340c26076722a90cb91fb2272130b. Applying a patch is advised to resolve this issue.
Published: 2026-07-06
Score: 4.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the r_core_bin_load function of radare2’s core file loader. It allows a local attacker to trigger a use‑after‑free condition, causing the program to access freed memory. The flaw is classified as CWE‑119 and CWE‑416, and can lead to program crashes, memory corruption, or, in the worst scenario, arbitrary code execution when an attacker can control the data passed to the function.

Affected Systems

The flaw affects radareorg radare2 up to and including version 6.1.6. Any installation running these releases is susceptible unless the commit 635ab1eeb30340c26076722a90cb91fb2272130b has been applied.

Risk and Exploitability

The CVSS score of 4.8 indicates medium severity for a local exploitation. The EPSS score is < 1%, indicating a very low likelihood of exploitation, and it is not listed in CISA’s KEV catalog. Nevertheless, the exploit has been publicly disclosed, so a user with local access to radare2 could potentially trigger memory corruption or arbitrary code execution.

Generated by OpenCVE AI on July 7, 2026 at 06:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update radare2 to a version that incorporates commit 635ab1eeb30340c26076722a90cb91fb2272130b or later.
  • If an immediate update is not possible, run radare2 under a least‑privilege user account or restrict its execution permissions to mitigate local impact.
  • Validate or sandbox any external scripts or inputs that invoke radare2’s r_core_bin_load function to reduce the risk of supplying crafted data.

Generated by OpenCVE AI on July 7, 2026 at 06:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 07 Jul 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-825
References
Metrics threat_severity

None

threat_severity

Low


Mon, 06 Jul 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 06 Jul 2026 02:00:00 +0000

Type Values Removed Values Added
Description A security vulnerability has been detected in radareorg radare2 up to 6.1.6. Affected by this vulnerability is the function r_core_bin_load of the file libr/core/cfile.c. Such manipulation leads to use after free. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used. The name of the patch is 635ab1eeb30340c26076722a90cb91fb2272130b. Applying a patch is advised to resolve this issue.
Title radareorg radare2 cfile.c r_core_bin_load use after free
First Time appeared Radareorg
Radareorg radare2
Weaknesses CWE-119
CWE-416
CPEs cpe:2.3:a:radareorg:radare2:*:*:*:*:*:*:*:*
Vendors & Products Radareorg
Radareorg radare2
References
Metrics cvssV2_0

{'score': 1.7, 'vector': 'AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C'}

cvssV3_0

{'score': 3.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C'}

cvssV3_1

{'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C'}

cvssV4_0

{'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}


Subscriptions

Radareorg Radare2
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-07-06T13:05:50.219Z

Reserved: 2026-07-05T16:03:19.139Z

Link: CVE-2026-14788

cve-icon Vulnrichment

Updated: 2026-07-06T13:05:46.633Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Low

Publid Date: 2026-07-06T01:45:08Z

Links: CVE-2026-14788 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-07-07T06:30:16Z

Weaknesses
  • CWE-119

    Improper Restriction of Operations within the Bounds of a Memory Buffer

  • CWE-416

    Use After Free

  • CWE-825

    Expired Pointer Dereference