Every CVE whose affected-product data names Radare Radare2, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (167)
CVE-2021-32494 — CVSS 10.0 (critical): Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow attackers to create malicious inputs…
CVE-2021-32495 — CVSS 10.0 (critical): Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will…
CVE-2025-1864 — CVSS 9.8 (critical): Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This…
CVE-2024-29646 — CVSS 9.8 (critical): Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the name, type, or group fields.
CVE-2023-46569 — CVSS 9.8 (critical): An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.
CVE-2023-46570 — CVSS 9.8 (critical): An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.
CVE-2020-27794 — CVSS 9.1 (critical): A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected…
CVE-2022-1296 — CVSS 9.1 (critical): Out-of-bounds read in `r_bin_ne_get_relocs` function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow…
CVE-2022-1297 — CVSS 9.1 (critical): Out-of-bounds Read in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow…
CVE-2024-11858 — CVSS 8.6 (high): A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble…
CVE-2026-40499 — CVSS 7.8 (high): radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's print_gvars() function that allows attackers…
CVE-2017-9949 — CVSS 7.8 (high): The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based…
CVE-2018-12320 — CVSS 7.8 (high): There is a use after free in radare2 2.6.0 in r_anal_bb_free() in libr/anal/bb.c via a crafted Java binary file.
CVE-2018-12321 — CVSS 7.8 (high): There is a heap out of bounds read in radare2 2.6.0 in java_switch_op() in libr/anal/p/anal_java.c via a crafted Java binary file.
CVE-2017-16357 — CVSS 7.8 (high): In radare 2.0.1, a memory corruption vulnerability exists in store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed() in…
CVE-2022-1237 — CVSS 7.8 (high): Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be…
CVE-2022-1238 — CVSS 7.8 (high): Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow…
CVE-2022-1240 — CVSS 7.8 (high): Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is…
CVE-2017-6448 — CVSS 7.8 (high): The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service…
CVE-2017-16358 — CVSS 7.8 (high): In radare 2.0.1, an out-of-bounds read vulnerability exists in string_scan_range() in libr/bin/bin.c when doing a string search.
CVE-2019-12790 — CVSS 7.8 (high): In radare2 through 3.5.1, there is a heap-based buffer over-read in the r_egg_lang_parsechar function of egg_lang.c. This allows remote…
CVE-2019-12802 — CVSS 7.8 (high): In radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lang.c mishandles changing context. This allows remote attackers to…
CVE-2017-15368 — CVSS 7.8 (high): The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 allows remote attackers to cause a denial of service (stack-based…
CVE-2019-14745 — CVSS 7.8 (high): In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file…
CVE-2019-16718 — CVSS 7.8 (high): In radare2 before 3.9.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file…
CVE-2023-0302 — CVSS 7.8 (high): Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to…
CVE-2017-10929 — CVSS 7.8 (high): The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based buffer…
CVE-2019-19590 — CVSS 7.8 (high): In radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c…
CVE-2024-29645 — CVSS 7.8 (high): Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function.
CVE-2019-19647 — CVSS 7.8 (high): radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to…
CVE-2026-40527 — CVSS 7.8 (high): radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj command path where crafted ELF binaries can…
CVE-2026-40517 — CVSS 7.8 (high): radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's print_gvars() function that allows attackers to…
CVE-2017-15385 — CVSS 7.8 (high): The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c in radare2 2.0.0 allows remote attackers to cause a denial of…
CVE-2018-11378 — CVSS 7.8 (high): The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly have unspecified other impact via a crafted WASM file.
CVE-2017-6194 — CVSS 7.8 (high): The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows remote attackers to cause a denial of service (heap-based buffer…
CVE-2017-15931 — CVSS 7.8 (high): In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verneed() in…
CVE-2017-6319 — CVSS 7.8 (high): The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer…
CVE-2017-15932 — CVSS 7.8 (high): In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in…
CVE-2020-27795 — CVSS 7.5 (high): A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command "adf" has no or wrong argument…
CVE-2023-47016 — CVSS 7.5 (high): radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in…
CVE-2026-8695 — CVSS 7.5 (high): radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_threads_list() function that allows remote attackers to trigger memory…
CVE-2019-12829 — CVSS 7.5 (high): radare2 through 3.5.1 mishandles the RParse API, which allows remote attackers to cause a denial of service (application crash) or possibly…
CVE-2021-4021 — CVSS 7.5 (high): A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an…
CVE-2017-9763 — CVSS 7.5 (high): The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows…
CVE-2026-8696 — CVSS 7.5 (high): radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the GDB client core that allows remote…
CVE-2020-27793 — CVSS 7.5 (high): An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c. This could allow an attacker to cause a…
CVE-2021-3673 — CVSS 7.5 (high): A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource…
CVE-2020-17487 — CVSS 7.5 (high): radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_parse_algorithmidentifier in…
CVE-2020-15121 — CVSS 7.4 (high): In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's…
CVE-2022-1451 — CVSS 7.1 (high): Out-of-bounds Read in r_bin_java_constant_value_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the…
CVE-2022-1437 — CVSS 7.1 (high): Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the…
CVE-2026-6940 — CVSS 7.1 (high): radare2 prior to 6.1.4 contains a path traversal vulnerability in project deletion that allows local attackers to recursively delete…
CVE-2022-0519 — CVSS 7.1 (high): Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2.
CVE-2022-0521 — CVSS 7.1 (high): Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2.
CVE-2022-1714 — CVSS 7.1 (high): Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the…
CVE-2022-1452 — CVSS 7.1 (high): Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes…
CVE-2022-1207 — CVSS 6.6 (medium): Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information…
CVE-2026-6941 — CVSS 6.6 (medium): radare2 prior to 6.1.4 contains a path traversal vulnerability in its project notes handling that allows attackers to read or write files…
CVE-2022-1383 — CVSS 6.1 (medium): Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.8. The bug causes the program reads data past the end of the…
CVE-2023-27114 — CVSS 5.5 (medium): radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasm_dis at p/wasm/wasm.c.
CVE-2017-16359 — CVSS 5.5 (medium): In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c.
CVE-2017-16805 — CVSS 5.5 (medium): In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted…
CVE-2017-6197 — CVSS 5.5 (medium): The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 allow remote attackers to cause a denial of service (NULL pointer…
CVE-2017-6387 — CVSS 5.5 (medium): The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (out-of-bounds read…
CVE-2017-6415 — CVSS 5.5 (medium): The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL…
CVE-2017-7274 — CVSS 5.5 (medium): The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 allows remote attackers to cause a denial of service (NULL pointer…
CVE-2017-7716 — CVSS 5.5 (medium): The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based…
CVE-2017-7854 — CVSS 5.5 (medium): The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read…
CVE-2017-7946 — CVSS 5.5 (medium): The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service…
CVE-2017-9520 — CVSS 5.5 (medium): The r_config_set function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and…
CVE-2017-9761 — CVSS 5.5 (medium): The find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds…
CVE-2017-9762 — CVSS 5.5 (medium): The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and…
CVE-2018-10186 — CVSS 5.5 (medium): In radare2 2.5.0, there is a heap-based buffer over-read in the r_hex_bin2str function (libr/util/hex.c). Remote attackers could leverage…
CVE-2018-10187 — CVSS 5.5 (medium): In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik_op function (libr/anal/p/anal_dalvik.c). Remote attackers could…
CVE-2018-11375 — CVSS 5.5 (medium): The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and…
CVE-2018-11376 — CVSS 5.5 (medium): The r_read_le32() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and…
CVE-2018-11377 — CVSS 5.5 (medium): The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and…
CVE-2018-11379 — CVSS 5.5 (medium): The get_debug_info() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and…
CVE-2018-11380 — CVSS 5.5 (medium): The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and…
CVE-2018-11381 — CVSS 5.5 (medium): The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and…
CVE-2018-11382 — CVSS 5.5 (medium): The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and…
CVE-2018-11383 — CVSS 5.5 (medium): The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via…
CVE-2018-11384 — CVSS 5.5 (medium): The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application…
CVE-2018-12322 — CVSS 5.5 (medium): There is a heap out of bounds read in radare2 2.6.0 in _6502_op() in libr/anal/p/anal_6502.c via a crafted iNES ROM binary file.
CVE-2018-14015 — CVSS 5.5 (medium): The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application…
CVE-2018-14016 — CVSS 5.5 (medium): The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based…
CVE-2018-14017 — CVSS 5.5 (medium): The r_bin_java_annotation_new function in shlr/java/class.c in radare2 2.7.0 allows remote attackers to cause a denial of service…
CVE-2018-15834 — CVSS 5.5 (medium): In radare2 before 2.9.0, a heap overflow vulnerability exists in the read_module_referenced_functions function in libr/anal/flirt.c via a…
CVE-2018-19842 — CVSS 5.5 (medium): getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (stack-based buffer over-read)…
CVE-2018-19843 — CVSS 5.5 (medium): opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (buffer over-read) via crafted x86…
CVE-2018-20455 — CVSS 5.5 (medium): In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service…
CVE-2018-20456 — CVSS 5.5 (medium): In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service…
CVE-2018-20457 — CVSS 5.5 (medium): In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_arm_cs.c allows attackers to cause a denial-of-service (application…
CVE-2018-20458 — CVSS 5.5 (medium): In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/mach0/dyldcache.c may allow attackers to cause a denial-of-service…
CVE-2018-20459 — CVSS 5.5 (medium): In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service…
CVE-2018-20460 — CVSS 5.5 (medium): In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service…
CVE-2018-20461 — CVSS 5.5 (medium): In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused…
CVE-2018-8808 — CVSS 5.5 (medium): In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this…
CVE-2018-8809 — CVSS 5.5 (medium): In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op function of anal_dalvik.c. Remote attackers could leverage this…
CVE-2018-8810 — CVSS 5.5 (medium): In radare2 2.4.0, there is a heap-based buffer over-read in the get_ivar_list_t function of mach0_classes.c. Remote attackers could…
CVE-2020-16269 — CVSS 5.5 (medium): radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parse_typedef in type_dwarf.c via a…
CVE-2021-32613 — CVSS 5.5 (medium): In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.
CVE-2021-44974 — CVSS 5.5 (medium): radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser.
CVE-2022-1052 — CVSS 5.5 (medium): Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5.6.6.
CVE-2022-1244 — CVSS 5.5 (medium): heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.
CVE-2022-1283 — CVSS 5.5 (medium): NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability…
CVE-2022-1284 — CVSS 5.5 (medium): heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.
CVE-2022-1382 — CVSS 5.5 (medium): NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash…
CVE-2022-1444 — CVSS 5.5 (medium): heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. This vulnerability is capable of inducing denial of service.
CVE-2022-1649 — CVSS 5.5 (medium): Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is…
CVE-2022-34502 — CVSS 5.5 (medium): Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This…
CVE-2022-34520 — CVSS 5.5 (medium): Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This…
CVE-2024-26475 — CVSS 5.5 (medium): An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the…
CVE-2024-48241 — CVSS 5.5 (medium): An issue in radare2 v5.8.0 through v5.9.4 allows a local attacker to cause a denial of service via the __bf_div function.
CVE-2025-63745 — CVSS 5.5 (medium): A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_ne.c. A crafted…
CVE-2026-14757 — CVSS 5.3 (medium): A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function core_anal_bytes of the file…
CVE-2025-63744 — CVSS 4.3 (medium): A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the load() function of bin_dyldcache.c…
CVE-2025-1378 — CVSS 3.3 (low): A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library…
CVE-2026-14758 — CVSS 3.3 (low): A vulnerability was identified in radareorg radare2 up to 6.1.6. This vulnerability affects the function cmd_anal_opcode of the file…
CVE-2026-14759 — CVSS 3.3 (low): A security flaw has been discovered in radareorg radare2 up to 6.1.6. This issue affects the function r_bin_java_inner_classes_attr_calc_siz…
CVE-2026-14760 — CVSS 3.3 (low): A weakness has been identified in radareorg radare2 up to 6.1.6. Impacted is the function r_core_seek_arch_bits of the file…
CVE-2026-14786 — CVSS 3.3 (low): A security flaw has been discovered in radareorg radare2 up to 6.1.6. This impacts the function r_str_word_get0set of the file…
CVE-2026-14761 — CVSS 3.3 (low): A security vulnerability has been detected in radareorg radare2 up to 6.1.6. The affected element is the function r_str_ndup/r_str_append…
CVE-2025-5642 — CVSS 2.5 (low): A vulnerability classified as problematic has been found in Radare2 5.9.9. Affected is the function r_cons_pal_init in the library…
CVE-2025-5646 — CVSS 2.5 (low): A vulnerability has been found in Radare2 5.9.9 and classified as problematic. This vulnerability affects the function r_cons_rainbow_free…
CVE-2025-5645 — CVSS 2.5 (low): A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function r_cons_pal_init in the library…
CVE-2025-5644 — CVSS 2.5 (low): A vulnerability, which was classified as problematic, has been found in Radare2 5.9.9. Affected by this issue is the function r_cons_flush…
CVE-2025-5647 — CVSS 2.5 (low): A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the function r_cons_context_break_pop in the…
CVE-2025-5648 — CVSS 2.5 (low): A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function r_cons_pal_init in the library…
CVE-2025-5643 — CVSS 2.5 (low): A vulnerability classified as problematic was found in Radare2 5.9.9. Affected by this vulnerability is the function cons_stack_load in the…
CVE-2025-5641 — CVSS 2.5 (low): A vulnerability was found in Radare2 5.9.9. It has been rated as problematic. This issue affects the function r_cons_is_breaked in the…