CVE-2026-14758
Last modified
CVE-2026-14758 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. A vulnerability was identified in radareorg radare2 up to 6.1.6. This vulnerability affects the function cmd_anal_opcode of the file libr/core/cmd_anal.inc.c of the component hexpairs Parser. EPSS estimates a 0.13% chance of exploitation in the next 30 days.
Description
A vulnerability was identified in radareorg radare2 up to 6.1.6. This vulnerability affects the function cmd_anal_opcode of the file libr/core/cmd_anal.inc.c of the component hexpairs Parser. Such manipulation leads to integer overflow. The attack needs to be performed locally. The exploit is publicly available and might be used. The name of the patch is 84e773986e7e5bb30453a9384f498ec0ccc9d0a9. A patch should be applied to remediate this issue.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Radare | Radare2 | >= 6.1.0, < 6.1.8 |
References
- https://github.com/radareorg/radare2/issues/26042Exploit, Issue Tracking
- https://vuldb.com/cve/CVE-2026-14758Third Party Advisory, VDB Entry
- https://vuldb.com/submit/850382Third Party Advisory, VDB Entry
- https://vuldb.com/vuln/376347Third Party Advisory, VDB Entry
- https://vuldb.com/vuln/376347/ctiPermissions Required, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-14758?
How severe is CVE-2026-14758?
How do I fix CVE-2026-14758?
Related CVEs from 2026
- CVE-2026-14752A security vulnerability has been detected in mjperpinosa st…3.5
- CVE-2026-14753A vulnerability was detected in mjperpinosa stumasy up to 32…7.3
- CVE-2026-14754A flaw has been found in code-projects Hotel and Tourism Res…7.3
- CVE-2026-14755A vulnerability has been found in code-projects Hotel and To…7.3
- CVE-2026-14756A vulnerability was found in code-projects Hotel and Tourism…7.3
- CVE-2026-14757A vulnerability was determined in radareorg radare2 up to 6.…5.3
- CVE-2026-14759A security flaw has been discovered in radareorg radare2 up …7.8
- CVE-2026-1476An out-of-band SQL injection vulnerability (OOB SQLi) has be…7.5
- CVE-2026-14760A weakness has been identified in radareorg radare2 up to 6.…7.8
- CVE-2026-14761A security vulnerability has been detected in radareorg rada…5.5
- CVE-2026-14762A vulnerability was detected in code-projects Hotel and Tour…7.3
- CVE-2026-14763A flaw has been found in code-projects Hotel and Tourism Res…7.3
Are you affected by CVE-2026-14758?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
