CVE-2026-45613
Deferred Deferred - Pending Action
Heap-Buffer-Overflow in Rizin Reverse Engineering Framework

Publication date: 2026-05-29

Last updated on: 2026-05-29

Assigner: GitHub, Inc.

Description
Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability is fixed by commit e6d0937c8a083e23ed76ccfb9f631cdc50c7af47.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-29
Last Modified
2026-05-29
Generated
2026-06-19
AI Q&A
2026-05-29
EPSS Evaluated
2026-06-18
NVD
CVE-2026-45613
EUVD
EUVD-2026-33423
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
rizin rizin to e6d0937c8a083e23ed76ccfb9f631cdc50c7af47 (inc)
rizin reverse_engineering_framework to e6d0937 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a heap-buffer-overflow in the OMF (Object Module Format) parser of the Rizin reverse engineering framework. It occurs because the code improperly handles segment indices when accessing an array of sections. Specifically, it subtracts 1 from the segment index and uses this value to access the sections array without verifying if the resulting index is within valid bounds. This can lead to reading memory outside the allocated array, causing crashes or undefined behavior.

The issue is fixed by adding a proper bounds check before accessing the array, ensuring that the adjusted index is less than the number of sections. If the index is invalid, an error is logged and the function returns false, preventing the out-of-bounds read.

Impact Analysis

This vulnerability can lead to memory corruption due to out-of-bounds reads when parsing OMF binaries with invalid segment indices. The impact includes potential crashes or undefined behavior of the Rizin software.

Exploitation requires local access and minimal user interaction, such as opening a crafted OMF binary. The severity is considered low with a CVSS score of 3.3.

Users are advised to avoid opening untrusted OMF binaries to mitigate the risk.

Detection Guidance

This vulnerability is a heap-buffer-overflow caused by an out-of-bounds read in the OMF parser of the Rizin framework when processing OMF binaries with invalid segment indices.

Detection would involve monitoring or analyzing the use of Rizin when it parses OMF binaries, especially looking for crashes or error logs related to invalid segment indices.

Since the vulnerability is triggered by processing crafted or malformed OMF binaries, one way to detect exploitation attempts is to audit or log Rizin's usage on your system and check for error messages or crashes in the omf.c component.

There are no specific commands provided in the available resources to detect this vulnerability directly.

Mitigation Strategies

The primary mitigation step is to update Rizin to a version that includes the fix from commit e6d0937c8a083e23ed76ccfb9f631cdc50c7af47 or later.

Until the update is applied, users should avoid opening or processing untrusted or malformed OMF binaries with Rizin to prevent triggering the vulnerability.

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-45613. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart