CVE-2026-14789
Received Received - Intake

Stack-Based Buffer Overflow in radare2

Vulnerability report for CVE-2026-14789, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-06

Last updated on: 2026-07-06

Assigner: VulDB

Description

A vulnerability was detected in radareorg radare2 up to 6.1.6. Affected by this issue is some unknown functionality of the file libr/bin/format/mdmp/mdmp.c of the component Memory64ListStream Parser. Performing a manipulation results in stack-based buffer overflow. The attack requires a local approach. The exploit is now public and may be used. The patch is named 175d4addb68981331c85b10681c2161c38fb5762. It is suggested to install a patch to address this issue.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-06
Last Modified
2026-07-06
Generated
2026-07-06
AI Q&A
2026-07-06
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
radareorg radare2 to 6.1.6 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-14789 is a vulnerability in radare2's Memory64ListStream parser, specifically in the handling of Microsoft minidump (MDMP) files. The issue arises because the parser does not properly validate the boundaries of the stream data it processes. This allows an attacker to craft a truncated or malformed MDMP file that causes the parser to read beyond the intended memory boundaries, resulting in an out-of-bounds read or stack-based buffer overflow.

The vulnerability occurs in the file libr/bin/format/mdmp/mdmp.c and involves incorrect checks on the size and location of memory descriptors within the stream. Instead of stopping at the declared stream size, the parser may continue reading into invalid memory areas, potentially leading to memory corruption.

The issue requires local access to exploit and has a public exploit available. A patch has been released that fixes the problem by ensuring the parser respects the declared stream boundaries during processing.

Impact Analysis

This vulnerability can lead to a stack-based buffer overflow when processing specially crafted MDMP files with radare2. Although the attack requires local access, successful exploitation could cause the application to crash or behave unpredictably.

Because the vulnerability involves reading beyond intended memory boundaries, it could potentially be leveraged to execute arbitrary code or corrupt memory, depending on the context and usage of radare2.

The CVSS scores indicate a low to medium severity impact, with the main impact being on availability (application crashes) rather than confidentiality or integrity.

Detection Guidance

This vulnerability involves a stack-based buffer overflow in radare2's Memory64ListStream parser when processing malformed or truncated Microsoft minidump (MDMP) files. Detection involves identifying usage or processing of such MDMP files with radare2 versions up to 6.1.6.

Since the vulnerability is local and triggered by malformed MDMP files, detection can focus on scanning for radare2 versions prior to the patch and monitoring for attempts to open or parse suspicious MDMP files.

Suggested commands include checking the installed radare2 version to confirm if it is vulnerable:

  • radare2 -v

Additionally, monitoring file access or usage of radare2 on MDMP files can be done via system audit tools or process monitoring.

No specific detection commands or signatures are provided in the resources.

Mitigation Strategies

The primary mitigation step is to apply the patch identified by commit 175d4addb68981331c85b10681c2161c38fb5762, which fixes the vulnerability by properly validating stream boundaries in the MDMP parser.

If patching immediately is not possible, avoid processing untrusted or malformed Microsoft minidump (MDMP) files with radare2 versions up to 6.1.6.

Restrict local access to systems running vulnerable versions of radare2 to trusted users only, as the attack requires local access.

Monitor for updates from radare2 and apply them promptly to ensure the vulnerability is addressed.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-14789. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart