PT-2026-55838 · Radareorg · Radare2
Kery Qi
·
Published
2026-07-06
·
Updated
2026-07-06
·
CVE-2026-14786
CVSS v2.0
1.7
Low
| Vector | AV:L/AC:L/Au:S/C:N/I:N/A:P |
A security flaw has been discovered in radareorg radare2 up to 6.1.6. This impacts the function r str word get0set of the file libr/util/str.c. The manipulation results in integer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. The patch is identified as 11ac224c0eb8d57830fccc99e1c1cd8e5d958813. It is best practice to apply a patch to resolve this issue.
Exploit
Fix
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Radare2