CVE Vulnerabilities

CVE-2026-14757

Published: Jul 05, 2026 | Modified: Jul 07, 2026
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
5.3 MODERATE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Ubuntu
MEDIUM
root.io logo minimus.io logo echo.ai logo

A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function core_anal_bytes of the file libr/core/cmd_anal.inc. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. It is suggested to install a patch to address this issue.

Affected Software

NameVendorStart VersionEnd Version
Radare2Radare6.1.0 (including)6.1.8 (excluding)
Radare2Ubuntuquesting*

References