Radare Security Vulnerabilities (CVEs)

Track 30 security vulnerabilities affecting Radare products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

10 Critical
14 High
6 Medium
CVE-2025-63745 5.5

A NULL pointer dereference vulnerability in radare2 versions 6.0.5 and earlier allows attackers to cause a denial of service via a segmentation fault....

Nov 14, 2025
CVE-2025-63744 4.3

A NULL pointer dereference vulnerability in radare2's bin_dyldcache.c load() function allows attackers to crash the program by processing a malicious ...

Nov 14, 2025
CVE-2025-60360 5.5

CVE-2025-60360 is a memory leak vulnerability in radare2's r2r_subprocess_init function that allows attackers to cause resource exhaustion through rep...

Oct 17, 2025
CVE-2025-60359 5.5

CVE-2025-60359 is a memory leak vulnerability in radare2's r_bin_object_new function that allows attackers to cause denial of service through resource...

Oct 17, 2025
CVE-2025-60358 5.5

A memory leak vulnerability exists in radare2's _load_relocations function in versions 5.9.8 and earlier. This vulnerability allows attackers to cause...

Oct 16, 2025
CVE-2025-1864 9.8

CVE-2025-1864 is a memory buffer overflow vulnerability in radare2, a reverse engineering framework. Attackers can exploit this to execute arbitrary c...

Mar 3, 2025
CVE-2025-1744 9.8

CVE-2025-1744 is an out-of-bounds write vulnerability in radare2 that allows heap-based buffer over-read or buffer overflow. This affects all users ru...

Feb 28, 2025
CVE-2024-29646 9.8

A buffer overflow vulnerability in radare2 v5.8.8 allows attackers to execute arbitrary code by manipulating name, type, or group fields. This affects...

Dec 17, 2024
CVE-2024-29645 7.8

A buffer overflow vulnerability in radare2 v5.8.8 allows attackers to execute arbitrary code by exploiting the parse_die function. This affects users ...

Dec 2, 2024
CVE-2024-48241 5.5

A local denial-of-service vulnerability in radare2's __bf_div function allows attackers to crash the application. This affects users running radare2 v...

Oct 30, 2024
CVE-2023-47016 7.5

CVE-2023-47016 is an out-of-bounds read vulnerability in radare2's binary object handling that can cause application crashes. Attackers could potentia...

Nov 22, 2023
CVE-2023-46569 9.8

CVE-2023-46569 is an out-of-bounds read vulnerability in radare2's ND32 disassembler that could allow attackers to read sensitive memory contents or c...

Oct 28, 2023
CVE-2022-28068 7.5

CVE-2022-28068 is a heap buffer overflow vulnerability in the r_sleb128 function of radare2, a popular reverse engineering framework. Attackers can ex...

Aug 22, 2023
CVE-2022-28070 7.5

A null pointer dereference vulnerability in radare2's __core_anal_fcn function allows attackers to cause denial of service or potentially execute arbi...

Aug 22, 2023
CVE-2022-28072 7.5

A heap buffer overflow vulnerability in the r_read_le32 function of radare2 versions 5.4.2 and 5.4.0 allows attackers to execute arbitrary code or cau...

Aug 22, 2023
CVE-2023-4322 9.8

A heap-based buffer overflow vulnerability in radare2 versions prior to 5.9.0 allows attackers to execute arbitrary code or cause denial of service. T...

Aug 14, 2023
CVE-2021-32494 10.0

CVE-2021-32494 is a division by zero vulnerability in radare2's Mach-O parser that allows attackers to cause denial of service through malicious input...

Jul 7, 2023
CVE-2022-1899 9.1

CVE-2022-1899 is an out-of-bounds read vulnerability in radare2, a popular reverse engineering framework. This vulnerability allows attackers to read ...

May 26, 2022
CVE-2022-1809 7.8

CVE-2022-1809 is an uninitialized pointer access vulnerability in radare2 reverse engineering framework versions before 5.7.0. This allows attackers t...

May 21, 2022
CVE-2022-1714 7.1

CVE-2022-1714 is an out-of-bounds read vulnerability in radare2 reverse engineering framework versions prior to 5.7.0. This allows attackers to read s...

May 13, 2022
CVE-2022-1451 7.1

This vulnerability in radare2 allows attackers to read memory beyond intended buffer boundaries in the Java constant value attribute parsing function....

Apr 24, 2022
CVE-2022-1437 7.1

CVE-2022-1437 is a heap-based buffer overflow vulnerability in radare2 reverse engineering framework versions prior to 5.7.0. This allows attackers to...

Apr 22, 2022
CVE-2022-1297 9.1

CVE-2022-1297 is an out-of-bounds read vulnerability in the r_bin_ne_get_entrypoints function of radare2, a reverse engineering framework. Attackers c...

Apr 11, 2022
CVE-2022-1240 7.8

A heap buffer overflow vulnerability in radare2's Mach-O binary format parser allows attackers to execute arbitrary code or cause denial of service. T...

Apr 6, 2022
CVE-2022-1238 7.8

This vulnerability is a heap buffer overflow in radare2's NE file format parser that allows writing beyond allocated memory boundaries. Attackers coul...

Apr 6, 2022
CVE-2022-1031 7.8

This is a use-after-free vulnerability in the op_is_set_bp function of radare2, a reverse engineering framework. Attackers could exploit this to execu...

Mar 22, 2022
CVE-2022-0713 7.1

CVE-2022-0713 is a heap-based buffer overflow vulnerability in radare2 reverse engineering framework versions prior to 5.6.4. Attackers can exploit th...

Feb 22, 2022
CVE-2022-0676 7.8

This CVE describes a heap-based buffer overflow vulnerability in radare2, a popular reverse engineering framework. Attackers can exploit this by provi...

Feb 22, 2022
CVE-2022-0559 9.8

This is a use-after-free vulnerability in radare2, a popular reverse engineering framework. Attackers can exploit this to execute arbitrary code or ca...

Feb 16, 2022
CVE-2022-0139 9.8

CVE-2022-0139 is a use-after-free vulnerability in radare2, a popular reverse engineering framework. This allows attackers to execute arbitrary code o...

Feb 8, 2022

Why Monitor Radare Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 30+ known vulnerabilities affecting Radare products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Radare packages in under 60 seconds. No agents required - completely agentless scanning that works across Radare deployments.

Free vulnerability database: Access detailed information about every Radare CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

  • Register free account & add your servers
  • Run one-time scan or schedule automatic monitoring (every 1-24 hours)
  • Receive instant alerts when new Radare CVEs affect your systems
  • Access dashboard with severity breakdown & fix instructions