Tag
high
advisory
Radare2 Path Traversal Vulnerability in Project Deletion
2 rules 1 TTP 1 CVERadare2 versions prior to 6.1.4 are vulnerable to a path traversal in project deletion, allowing local attackers to recursively delete arbitrary directories by escaping the 'dir.projects' root, leading to integrity and availability loss.
radare2
path-traversal
local-privilege-escalation
2r
1t
1c
high
advisory
Radare2 Command Injection Vulnerability (CVE-2026-41015)
2 rules 1 TTP 1 CVERadare2 before commit 9236f44, when configured on UNIX without SSL, is vulnerable to command injection via a PDB name passed to rabin2 -PP, potentially allowing arbitrary code execution.
radare2
command-injection
cve-2026-41015
linux
2r
1t
1c
high
advisory
radare2 PDB Parser Command Injection Vulnerability (CVE-2026-40517)
2 rules 1 TTP 1 CVEA command injection vulnerability exists in radare2 versions prior to 6.1.4, where a crafted PDB file with newline characters in symbol names can inject arbitrary radare2 commands, leading to arbitrary OS command execution.
radare2
command-injection
CVE-2026-40517
2r
1t
1c