Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
Typedeb
Namespacedebian
Nameradare2
Version6.0.4+dfsg-1
Qualifiers
distro sid
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version6.0.7+ds-1
Latest_non_vulnerable_version6.0.7+ds-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1h97-tkwz-8kfr
vulnerability_id VCID-1h97-tkwz-8kfr
summary A vulnerability was found in Radare2 5.9.9. It has been rated as problematic. This issue affects the function r_cons_is_breaked in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The identifier of the patch is 5705d99cc1f23f36f9a84aab26d1724010b97798. It is recommended to apply a patch to fix this issue. The documentation explains that the parameter -T is experimental and "crashy". Further analysis has shown "the race is not a real problem unless you use asan". An additional warning regarding threading support has been added.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-5641
reference_id
reference_type
scores
0
value 0.00147
scoring_system epss
scoring_elements 0.35281
published_at 2026-04-04T12:55:00Z
1
value 0.00147
scoring_system epss
scoring_elements 0.35253
published_at 2026-04-02T12:55:00Z
2
value 0.00147
scoring_system epss
scoring_elements 0.34918
published_at 2026-04-24T12:55:00Z
3
value 0.00147
scoring_system epss
scoring_elements 0.35153
published_at 2026-04-21T12:55:00Z
4
value 0.00147
scoring_system epss
scoring_elements 0.35201
published_at 2026-04-18T12:55:00Z
5
value 0.00147
scoring_system epss
scoring_elements 0.35215
published_at 2026-04-16T12:55:00Z
6
value 0.00147
scoring_system epss
scoring_elements 0.35176
published_at 2026-04-13T12:55:00Z
7
value 0.00147
scoring_system epss
scoring_elements 0.352
published_at 2026-04-12T12:55:00Z
8
value 0.00147
scoring_system epss
scoring_elements 0.35235
published_at 2026-04-11T12:55:00Z
9
value 0.00147
scoring_system epss
scoring_elements 0.35232
published_at 2026-04-09T12:55:00Z
10
value 0.00147
scoring_system epss
scoring_elements 0.35206
published_at 2026-04-08T12:55:00Z
11
value 0.00147
scoring_system epss
scoring_elements 0.35162
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-5641
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
reference_id 1107316
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
3
reference_url https://github.com/radareorg/radare2/issues/24230
reference_id 24230
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T15:16:24Z/
url https://github.com/radareorg/radare2/issues/24230
4
reference_url https://github.com/radareorg/radare2/issues/24230#issuecomment-2919612676
reference_id 24230#issuecomment-2919612676
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T15:16:24Z/
url https://github.com/radareorg/radare2/issues/24230#issuecomment-2919612676
5
reference_url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
reference_id 5705d99cc1f23f36f9a84aab26d1724010b97798
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T15:16:24Z/
url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
6
reference_url https://vuldb.com/?ctiid.311129
reference_id ?ctiid.311129
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T15:16:24Z/
url https://vuldb.com/?ctiid.311129
7
reference_url https://vuldb.com/?id.311129
reference_id ?id.311129
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T15:16:24Z/
url https://vuldb.com/?id.311129
8
reference_url https://vuldb.com/?submit.586909
reference_id ?submit.586909
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T15:16:24Z/
url https://vuldb.com/?submit.586909
9
reference_url https://drive.google.com/file/d/1oG5IC7qhL_SJsIHpnWp7MZlWJGYt8qWZ/view?usp=sharing
reference_id view?usp=sharing
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T15:16:24Z/
url https://drive.google.com/file/d/1oG5IC7qhL_SJsIHpnWp7MZlWJGYt8qWZ/view?usp=sharing
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-5641
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1h97-tkwz-8kfr
1
url VCID-2r7v-s8mc-e7gr
vulnerability_id VCID-2r7v-s8mc-e7gr
summary radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-60360
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04912
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04875
published_at 2026-04-21T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04741
published_at 2026-04-02T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04764
published_at 2026-04-04T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04779
published_at 2026-04-07T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04812
published_at 2026-04-11T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04825
published_at 2026-04-09T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.0479
published_at 2026-04-12T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.0477
published_at 2026-04-13T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04723
published_at 2026-04-16T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04731
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-60360
1
reference_url https://github.com/radareorg/radare2/pull/24245
reference_id 24245
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T14:31:14Z/
url https://github.com/radareorg/radare2/pull/24245
2
reference_url https://usn.ubuntu.com/7915-1/
reference_id USN-7915-1
reference_type
scores
url https://usn.ubuntu.com/7915-1/
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-60360
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2r7v-s8mc-e7gr
2
url VCID-2y64-np9y-zyfz
vulnerability_id VCID-2y64-np9y-zyfz
summary A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The name of the patch is 5705d99cc1f23f36f9a84aab26d1724010b97798. It is recommended to apply a patch to fix this issue. The documentation explains that the parameter -T is experimental and "crashy". Further analysis has shown "the race is not a real problem unless you use asan". A new warning has been added.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-5648
reference_id
reference_type
scores
0
value 0.00147
scoring_system epss
scoring_elements 0.35232
published_at 2026-04-09T12:55:00Z
1
value 0.00147
scoring_system epss
scoring_elements 0.35253
published_at 2026-04-02T12:55:00Z
2
value 0.00147
scoring_system epss
scoring_elements 0.35281
published_at 2026-04-04T12:55:00Z
3
value 0.00147
scoring_system epss
scoring_elements 0.35162
published_at 2026-04-07T12:55:00Z
4
value 0.00147
scoring_system epss
scoring_elements 0.35206
published_at 2026-04-08T12:55:00Z
5
value 0.00147
scoring_system epss
scoring_elements 0.34918
published_at 2026-04-24T12:55:00Z
6
value 0.00147
scoring_system epss
scoring_elements 0.35153
published_at 2026-04-21T12:55:00Z
7
value 0.00147
scoring_system epss
scoring_elements 0.35201
published_at 2026-04-18T12:55:00Z
8
value 0.00147
scoring_system epss
scoring_elements 0.35215
published_at 2026-04-16T12:55:00Z
9
value 0.00147
scoring_system epss
scoring_elements 0.35176
published_at 2026-04-13T12:55:00Z
10
value 0.00147
scoring_system epss
scoring_elements 0.352
published_at 2026-04-12T12:55:00Z
11
value 0.00147
scoring_system epss
scoring_elements 0.35235
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-5648
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
reference_id 1107316
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
2
reference_url https://github.com/radareorg/radare2/issues/24238
reference_id 24238
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:18:20Z/
url https://github.com/radareorg/radare2/issues/24238
3
reference_url https://github.com/radareorg/radare2/issues/24238#issuecomment-2918850876
reference_id 24238#issuecomment-2918850876
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:18:20Z/
url https://github.com/radareorg/radare2/issues/24238#issuecomment-2918850876
4
reference_url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
reference_id 5705d99cc1f23f36f9a84aab26d1724010b97798
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:18:20Z/
url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
5
reference_url https://vuldb.com/?ctiid.311136
reference_id ?ctiid.311136
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:18:20Z/
url https://vuldb.com/?ctiid.311136
6
reference_url https://vuldb.com/?id.311136
reference_id ?id.311136
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:18:20Z/
url https://vuldb.com/?id.311136
7
reference_url https://vuldb.com/?submit.586929
reference_id ?submit.586929
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:18:20Z/
url https://vuldb.com/?submit.586929
8
reference_url https://drive.google.com/file/d/1StQvpouGzMCOGmF3b5q_NxAJiZwivnjp/view?usp=sharing
reference_id view?usp=sharing
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:18:20Z/
url https://drive.google.com/file/d/1StQvpouGzMCOGmF3b5q_NxAJiZwivnjp/view?usp=sharing
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-5648
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2y64-np9y-zyfz
3
url VCID-378y-5cww-y7eb
vulnerability_id VCID-378y-5cww-y7eb
summary radare2 v5.9.8 and before contains a memory leak in the function bochs_open.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-60361
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05007
published_at 2026-04-24T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.04976
published_at 2026-04-21T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.04832
published_at 2026-04-02T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.04858
published_at 2026-04-04T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.04875
published_at 2026-04-13T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.04912
published_at 2026-04-11T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.04929
published_at 2026-04-09T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.04893
published_at 2026-04-12T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.04822
published_at 2026-04-16T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.04831
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-60361
1
reference_url https://github.com/radareorg/radare2/pull/24312
reference_id 24312
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T14:45:38Z/
url https://github.com/radareorg/radare2/pull/24312
2
reference_url https://usn.ubuntu.com/7915-1/
reference_id USN-7915-1
reference_type
scores
url https://usn.ubuntu.com/7915-1/
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-60361
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-378y-5cww-y7eb
4
url VCID-6bbs-9d9s-mfeq
vulnerability_id VCID-6bbs-9d9s-mfeq
summary A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the function r_cons_context_break_pop in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The patch is named 5705d99cc1f23f36f9a84aab26d1724010b97798. It is recommended to apply a patch to fix this issue. The documentation explains that the parameter -T is experimental and "crashy". Further analysis has shown "the race is not a real problem unless you use asan". A new warning has been added.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-5647
reference_id
reference_type
scores
0
value 0.00147
scoring_system epss
scoring_elements 0.35232
published_at 2026-04-09T12:55:00Z
1
value 0.00147
scoring_system epss
scoring_elements 0.35253
published_at 2026-04-02T12:55:00Z
2
value 0.00147
scoring_system epss
scoring_elements 0.35281
published_at 2026-04-04T12:55:00Z
3
value 0.00147
scoring_system epss
scoring_elements 0.35162
published_at 2026-04-07T12:55:00Z
4
value 0.00147
scoring_system epss
scoring_elements 0.35206
published_at 2026-04-08T12:55:00Z
5
value 0.00147
scoring_system epss
scoring_elements 0.34918
published_at 2026-04-24T12:55:00Z
6
value 0.00147
scoring_system epss
scoring_elements 0.35153
published_at 2026-04-21T12:55:00Z
7
value 0.00147
scoring_system epss
scoring_elements 0.35201
published_at 2026-04-18T12:55:00Z
8
value 0.00147
scoring_system epss
scoring_elements 0.35215
published_at 2026-04-16T12:55:00Z
9
value 0.00147
scoring_system epss
scoring_elements 0.35176
published_at 2026-04-13T12:55:00Z
10
value 0.00147
scoring_system epss
scoring_elements 0.352
published_at 2026-04-12T12:55:00Z
11
value 0.00147
scoring_system epss
scoring_elements 0.35235
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-5647
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
reference_id 1107316
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
2
reference_url https://github.com/radareorg/radare2/issues/24237
reference_id 24237
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T15:06:47Z/
url https://github.com/radareorg/radare2/issues/24237
3
reference_url https://github.com/radareorg/radare2/issues/24237#issuecomment-2918846137
reference_id 24237#issuecomment-2918846137
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T15:06:47Z/
url https://github.com/radareorg/radare2/issues/24237#issuecomment-2918846137
4
reference_url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
reference_id 5705d99cc1f23f36f9a84aab26d1724010b97798
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T15:06:47Z/
url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
5
reference_url https://vuldb.com/?ctiid.311135
reference_id ?ctiid.311135
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T15:06:47Z/
url https://vuldb.com/?ctiid.311135
6
reference_url https://vuldb.com/?id.311135
reference_id ?id.311135
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T15:06:47Z/
url https://vuldb.com/?id.311135
7
reference_url https://vuldb.com/?submit.586928
reference_id ?submit.586928
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T15:06:47Z/
url https://vuldb.com/?submit.586928
8
reference_url https://drive.google.com/file/d/16ApwSAKLDqm1qzJLe-uUZSCyy8HNG965/view?usp=sharing
reference_id view?usp=sharing
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T15:06:47Z/
url https://drive.google.com/file/d/16ApwSAKLDqm1qzJLe-uUZSCyy8HNG965/view?usp=sharing
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-5647
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6bbs-9d9s-mfeq
5
url VCID-9zrm-xdkz-fbfb
vulnerability_id VCID-9zrm-xdkz-fbfb
summary A vulnerability has been found in Radare2 5.9.9 and classified as problematic. This vulnerability affects the function r_cons_rainbow_free in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The patch is identified as 5705d99cc1f23f36f9a84aab26d1724010b97798. It is recommended to apply a patch to fix this issue. The documentation explains that the parameter -T is experimental and "crashy". Further analysis has shown "the race is not a real problem unless you use asan". A new warning has been added.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-5646
reference_id
reference_type
scores
0
value 0.00147
scoring_system epss
scoring_elements 0.35232
published_at 2026-04-09T12:55:00Z
1
value 0.00147
scoring_system epss
scoring_elements 0.35253
published_at 2026-04-02T12:55:00Z
2
value 0.00147
scoring_system epss
scoring_elements 0.35281
published_at 2026-04-04T12:55:00Z
3
value 0.00147
scoring_system epss
scoring_elements 0.35162
published_at 2026-04-07T12:55:00Z
4
value 0.00147
scoring_system epss
scoring_elements 0.35206
published_at 2026-04-08T12:55:00Z
5
value 0.00147
scoring_system epss
scoring_elements 0.34918
published_at 2026-04-24T12:55:00Z
6
value 0.00147
scoring_system epss
scoring_elements 0.35153
published_at 2026-04-21T12:55:00Z
7
value 0.00147
scoring_system epss
scoring_elements 0.35201
published_at 2026-04-18T12:55:00Z
8
value 0.00147
scoring_system epss
scoring_elements 0.35215
published_at 2026-04-16T12:55:00Z
9
value 0.00147
scoring_system epss
scoring_elements 0.35176
published_at 2026-04-13T12:55:00Z
10
value 0.00147
scoring_system epss
scoring_elements 0.352
published_at 2026-04-12T12:55:00Z
11
value 0.00147
scoring_system epss
scoring_elements 0.35235
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-5646
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
reference_id 1107316
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
2
reference_url https://github.com/radareorg/radare2/issues/24235
reference_id 24235
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:10:51Z/
url https://github.com/radareorg/radare2/issues/24235
3
reference_url https://github.com/radareorg/radare2/issues/24235#issuecomment-2918847213
reference_id 24235#issuecomment-2918847213
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:10:51Z/
url https://github.com/radareorg/radare2/issues/24235#issuecomment-2918847213
4
reference_url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
reference_id 5705d99cc1f23f36f9a84aab26d1724010b97798
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:10:51Z/
url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
5
reference_url https://vuldb.com/?ctiid.311134
reference_id ?ctiid.311134
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:10:51Z/
url https://vuldb.com/?ctiid.311134
6
reference_url https://vuldb.com/?id.311134
reference_id ?id.311134
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:10:51Z/
url https://vuldb.com/?id.311134
7
reference_url https://vuldb.com/?submit.586923
reference_id ?submit.586923
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:10:51Z/
url https://vuldb.com/?submit.586923
8
reference_url https://drive.google.com/file/d/1PYNtV7Kx2OEgM9Cemb5FBlMJH_J1wux0/view?usp=sharing
reference_id view?usp=sharing
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:10:51Z/
url https://drive.google.com/file/d/1PYNtV7Kx2OEgM9Cemb5FBlMJH_J1wux0/view?usp=sharing
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-5646
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9zrm-xdkz-fbfb
6
url VCID-awv9-a65t-gfax
vulnerability_id VCID-awv9-a65t-gfax
summary A vulnerability classified as problematic was found in Radare2 5.9.9. Affected by this vulnerability is the function cons_stack_load in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The patch is named 5705d99cc1f23f36f9a84aab26d1724010b97798. It is recommended to apply a patch to fix this issue. The documentation explains that the parameter -T is experimental and "crashy". Further analysis has shown "the race is not a real problem unless you use asan". A new warning has been added.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-5643
reference_id
reference_type
scores
0
value 0.0016
scoring_system epss
scoring_elements 0.36912
published_at 2026-04-09T12:55:00Z
1
value 0.0016
scoring_system epss
scoring_elements 0.36983
published_at 2026-04-02T12:55:00Z
2
value 0.0016
scoring_system epss
scoring_elements 0.37018
published_at 2026-04-04T12:55:00Z
3
value 0.0016
scoring_system epss
scoring_elements 0.36846
published_at 2026-04-07T12:55:00Z
4
value 0.0016
scoring_system epss
scoring_elements 0.36897
published_at 2026-04-08T12:55:00Z
5
value 0.0016
scoring_system epss
scoring_elements 0.36613
published_at 2026-04-24T12:55:00Z
6
value 0.0016
scoring_system epss
scoring_elements 0.36832
published_at 2026-04-21T12:55:00Z
7
value 0.0016
scoring_system epss
scoring_elements 0.3689
published_at 2026-04-18T12:55:00Z
8
value 0.0016
scoring_system epss
scoring_elements 0.36906
published_at 2026-04-16T12:55:00Z
9
value 0.0016
scoring_system epss
scoring_elements 0.36861
published_at 2026-04-13T12:55:00Z
10
value 0.0016
scoring_system epss
scoring_elements 0.36886
published_at 2026-04-12T12:55:00Z
11
value 0.0016
scoring_system epss
scoring_elements 0.36921
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-5643
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
reference_id 1107316
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
2
reference_url https://github.com/radareorg/radare2/issues/24232
reference_id 24232
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:45:33Z/
url https://github.com/radareorg/radare2/issues/24232
3
reference_url https://github.com/radareorg/radare2/issues/24232#issuecomment-2918841776
reference_id 24232#issuecomment-2918841776
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:45:33Z/
url https://github.com/radareorg/radare2/issues/24232#issuecomment-2918841776
4
reference_url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
reference_id 5705d99cc1f23f36f9a84aab26d1724010b97798
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:45:33Z/
url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
5
reference_url https://vuldb.com/?ctiid.311131
reference_id ?ctiid.311131
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:45:33Z/
url https://vuldb.com/?ctiid.311131
6
reference_url https://vuldb.com/?id.311131
reference_id ?id.311131
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:45:33Z/
url https://vuldb.com/?id.311131
7
reference_url https://vuldb.com/?submit.586912
reference_id ?submit.586912
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:45:33Z/
url https://vuldb.com/?submit.586912
8
reference_url https://drive.google.com/file/d/1XsoyD7lMC-9a9Cxhld8sdEE-0PF3lxvB/view?usp=sharing
reference_id view?usp=sharing
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:45:33Z/
url https://drive.google.com/file/d/1XsoyD7lMC-9a9Cxhld8sdEE-0PF3lxvB/view?usp=sharing
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-5643
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-awv9-a65t-gfax
7
url VCID-bws2-var3-a3au
vulnerability_id VCID-bws2-var3-a3au
summary radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-60358
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04912
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04875
published_at 2026-04-21T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04741
published_at 2026-04-02T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04764
published_at 2026-04-04T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04779
published_at 2026-04-07T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04812
published_at 2026-04-11T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04825
published_at 2026-04-09T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.0479
published_at 2026-04-12T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.0477
published_at 2026-04-13T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04723
published_at 2026-04-16T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04731
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-60358
1
reference_url https://github.com/radareorg/radare2/pull/24224
reference_id 24224
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-17T13:35:56Z/
url https://github.com/radareorg/radare2/pull/24224
2
reference_url https://usn.ubuntu.com/7842-1/
reference_id USN-7842-1
reference_type
scores
url https://usn.ubuntu.com/7842-1/
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-60358
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bws2-var3-a3au
8
url VCID-dpfc-t7cc-uqef
vulnerability_id VCID-dpfc-t7cc-uqef
summary 
Out-of-bounds Write vulnerability in radareorg radare2 allows 

heap-based buffer over-read or buffer overflow.This issue affects radare2: before <5.9.9.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1744
reference_id
reference_type
scores
0
value 0.00311
scoring_system epss
scoring_elements 0.54305
published_at 2026-04-04T12:55:00Z
1
value 0.00311
scoring_system epss
scoring_elements 0.54275
published_at 2026-04-02T12:55:00Z
2
value 0.00311
scoring_system epss
scoring_elements 0.5428
published_at 2026-04-07T12:55:00Z
3
value 0.00451
scoring_system epss
scoring_elements 0.6375
published_at 2026-04-24T12:55:00Z
4
value 0.00451
scoring_system epss
scoring_elements 0.63736
published_at 2026-04-16T12:55:00Z
5
value 0.00451
scoring_system epss
scoring_elements 0.63746
published_at 2026-04-18T12:55:00Z
6
value 0.00451
scoring_system epss
scoring_elements 0.63732
published_at 2026-04-21T12:55:00Z
7
value 0.00451
scoring_system epss
scoring_elements 0.63718
published_at 2026-04-08T12:55:00Z
8
value 0.00451
scoring_system epss
scoring_elements 0.63734
published_at 2026-04-09T12:55:00Z
9
value 0.00451
scoring_system epss
scoring_elements 0.63749
published_at 2026-04-11T12:55:00Z
10
value 0.00451
scoring_system epss
scoring_elements 0.63735
published_at 2026-04-12T12:55:00Z
11
value 0.00451
scoring_system epss
scoring_elements 0.63701
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1744
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099620
reference_id 1099620
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099620
3
reference_url https://github.com/radareorg/radare2/pull/23969
reference_id 23969
reference_type
scores
0
value 10
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-28T15:21:10Z/
url https://github.com/radareorg/radare2/pull/23969
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-1744
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dpfc-t7cc-uqef
9
url VCID-ev6a-h3yd-5udh
vulnerability_id VCID-ev6a-h3yd-5udh
summary Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This issue affects radare2: before <5.9.9.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1864
reference_id
reference_type
scores
0
value 0.0026
scoring_system epss
scoring_elements 0.49419
published_at 2026-04-08T12:55:00Z
1
value 0.0026
scoring_system epss
scoring_elements 0.49383
published_at 2026-04-02T12:55:00Z
2
value 0.0026
scoring_system epss
scoring_elements 0.49414
published_at 2026-04-09T12:55:00Z
3
value 0.0026
scoring_system epss
scoring_elements 0.4941
published_at 2026-04-04T12:55:00Z
4
value 0.0026
scoring_system epss
scoring_elements 0.49364
published_at 2026-04-07T12:55:00Z
5
value 0.0031
scoring_system epss
scoring_elements 0.54223
published_at 2026-04-11T12:55:00Z
6
value 0.0036
scoring_system epss
scoring_elements 0.58184
published_at 2026-04-24T12:55:00Z
7
value 0.0036
scoring_system epss
scoring_elements 0.58245
published_at 2026-04-18T12:55:00Z
8
value 0.0036
scoring_system epss
scoring_elements 0.5822
published_at 2026-04-21T12:55:00Z
9
value 0.0036
scoring_system epss
scoring_elements 0.58231
published_at 2026-04-12T12:55:00Z
10
value 0.0036
scoring_system epss
scoring_elements 0.58211
published_at 2026-04-13T12:55:00Z
11
value 0.0036
scoring_system epss
scoring_elements 0.58243
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1864
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099622
reference_id 1099622
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099622
2
reference_url https://github.com/radareorg/radare2/pull/23981
reference_id 23981
reference_type
scores
0
value 10
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-03T14:09:22Z/
url https://github.com/radareorg/radare2/pull/23981
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-1864
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ev6a-h3yd-5udh
10
url VCID-gebx-34kc-xuh6
vulnerability_id VCID-gebx-34kc-xuh6
summary radare2 v5.9.8 and before contains a memory leak in the function r_bin_object_new.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-60359
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04912
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04875
published_at 2026-04-21T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04741
published_at 2026-04-02T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04764
published_at 2026-04-04T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04779
published_at 2026-04-07T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04812
published_at 2026-04-11T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04825
published_at 2026-04-09T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.0479
published_at 2026-04-12T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.0477
published_at 2026-04-13T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04723
published_at 2026-04-16T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04731
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-60359
1
reference_url https://github.com/radareorg/radare2/pull/24215
reference_id 24215
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T14:23:06Z/
url https://github.com/radareorg/radare2/pull/24215
2
reference_url https://usn.ubuntu.com/7915-1/
reference_id USN-7915-1
reference_type
scores
url https://usn.ubuntu.com/7915-1/
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-60359
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gebx-34kc-xuh6
11
url VCID-gqsh-nqdu-3qex
vulnerability_id VCID-gqsh-nqdu-3qex
summary A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 6.0.0 is able to address this issue. The patch is identified as c6c772d2eab692ce7ada5a4227afd50c355ad545. It is recommended to upgrade the affected component.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1378
reference_id
reference_type
scores
0
value 0.00035
scoring_system epss
scoring_elements 0.10331
published_at 2026-04-04T12:55:00Z
1
value 0.00035
scoring_system epss
scoring_elements 0.10267
published_at 2026-04-02T12:55:00Z
2
value 0.00035
scoring_system epss
scoring_elements 0.10293
published_at 2026-04-24T12:55:00Z
3
value 0.00035
scoring_system epss
scoring_elements 0.10314
published_at 2026-04-21T12:55:00Z
4
value 0.00035
scoring_system epss
scoring_elements 0.10181
published_at 2026-04-18T12:55:00Z
5
value 0.00035
scoring_system epss
scoring_elements 0.10208
published_at 2026-04-16T12:55:00Z
6
value 0.00035
scoring_system epss
scoring_elements 0.10334
published_at 2026-04-13T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10355
published_at 2026-04-12T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10396
published_at 2026-04-11T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10365
published_at 2026-04-09T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10304
published_at 2026-04-08T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.1023
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1378
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098376
reference_id 1098376
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098376
3
reference_url https://github.com/radareorg/radare2/issues/23953
reference_id 23953
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:47:48Z/
url https://github.com/radareorg/radare2/issues/23953
4
reference_url https://github.com/radareorg/radare2/issues/23953#issue-2844325926
reference_id 23953#issue-2844325926
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:47:48Z/
url https://github.com/radareorg/radare2/issues/23953#issue-2844325926
5
reference_url https://github.com/radareorg/radare2/milestone/86
reference_id 86
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:47:48Z/
url https://github.com/radareorg/radare2/milestone/86
6
reference_url https://github.com/radareorg/radare2/commit/c6c772d2eab692ce7ada5a4227afd50c355ad545
reference_id c6c772d2eab692ce7ada5a4227afd50c355ad545
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:47:48Z/
url https://github.com/radareorg/radare2/commit/c6c772d2eab692ce7ada5a4227afd50c355ad545
7
reference_url https://vuldb.com/?ctiid.295986
reference_id ?ctiid.295986
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:47:48Z/
url https://vuldb.com/?ctiid.295986
8
reference_url https://vuldb.com/?id.295986
reference_id ?id.295986
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:47:48Z/
url https://vuldb.com/?id.295986
9
reference_url https://vuldb.com/?submit.498499
reference_id ?submit.498499
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T15:47:48Z/
url https://vuldb.com/?submit.498499
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-1378
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gqsh-nqdu-3qex
12
url VCID-gy1s-hmrp-fbdg
vulnerability_id VCID-gy1s-hmrp-fbdg
summary A vulnerability, which was classified as problematic, has been found in Radare2 5.9.9. Affected by this issue is the function r_cons_flush in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to use after free. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The name of the patch is 5705d99cc1f23f36f9a84aab26d1724010b97798. It is recommended to apply a patch to fix this issue. The documentation explains that the parameter -T is experimental and "crashy". Further analysis has shown "the race is not a real problem unless you use asan". A new warning has been added.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-5644
reference_id
reference_type
scores
0
value 0.00125
scoring_system epss
scoring_elements 0.31858
published_at 2026-04-09T12:55:00Z
1
value 0.00125
scoring_system epss
scoring_elements 0.31915
published_at 2026-04-02T12:55:00Z
2
value 0.00125
scoring_system epss
scoring_elements 0.31957
published_at 2026-04-04T12:55:00Z
3
value 0.00125
scoring_system epss
scoring_elements 0.31776
published_at 2026-04-07T12:55:00Z
4
value 0.00125
scoring_system epss
scoring_elements 0.31827
published_at 2026-04-08T12:55:00Z
5
value 0.00125
scoring_system epss
scoring_elements 0.31601
published_at 2026-04-24T12:55:00Z
6
value 0.00125
scoring_system epss
scoring_elements 0.31768
published_at 2026-04-21T12:55:00Z
7
value 0.00125
scoring_system epss
scoring_elements 0.31798
published_at 2026-04-18T12:55:00Z
8
value 0.00125
scoring_system epss
scoring_elements 0.31818
published_at 2026-04-16T12:55:00Z
9
value 0.00125
scoring_system epss
scoring_elements 0.31787
published_at 2026-04-13T12:55:00Z
10
value 0.00125
scoring_system epss
scoring_elements 0.31822
published_at 2026-04-12T12:55:00Z
11
value 0.00125
scoring_system epss
scoring_elements 0.3186
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-5644
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
reference_id 1107316
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
2
reference_url https://github.com/radareorg/radare2/issues/24233
reference_id 24233
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:12:42Z/
url https://github.com/radareorg/radare2/issues/24233
3
reference_url https://github.com/radareorg/radare2/issues/24233#issuecomment-2918847833
reference_id 24233#issuecomment-2918847833
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:12:42Z/
url https://github.com/radareorg/radare2/issues/24233#issuecomment-2918847833
4
reference_url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
reference_id 5705d99cc1f23f36f9a84aab26d1724010b97798
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:12:42Z/
url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
5
reference_url https://vuldb.com/?ctiid.311132
reference_id ?ctiid.311132
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:12:42Z/
url https://vuldb.com/?ctiid.311132
6
reference_url https://vuldb.com/?id.311132
reference_id ?id.311132
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:12:42Z/
url https://vuldb.com/?id.311132
7
reference_url https://vuldb.com/?submit.586921
reference_id ?submit.586921
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:12:42Z/
url https://vuldb.com/?submit.586921
8
reference_url https://drive.google.com/file/d/1VtiMMp7ECun3sq3AwlqQrU9xEPA45eOz/view?usp=sharing
reference_id view?usp=sharing
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:12:42Z/
url https://drive.google.com/file/d/1VtiMMp7ECun3sq3AwlqQrU9xEPA45eOz/view?usp=sharing
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-5644
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gy1s-hmrp-fbdg
13
url VCID-sua7-jxfv-tfhe
vulnerability_id VCID-sua7-jxfv-tfhe
summary A vulnerability classified as problematic has been found in Radare2 5.9.9. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation leads to memory corruption. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The patch is identified as 5705d99cc1f23f36f9a84aab26d1724010b97798. It is recommended to apply a patch to fix this issue. The documentation explains that the parameter -T is experimental and "crashy". Further analysis has shown "the race is not a real problem unless you use asan". A new warning has been added.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-5642
reference_id
reference_type
scores
0
value 0.0016
scoring_system epss
scoring_elements 0.36921
published_at 2026-04-11T12:55:00Z
1
value 0.0016
scoring_system epss
scoring_elements 0.36983
published_at 2026-04-02T12:55:00Z
2
value 0.0016
scoring_system epss
scoring_elements 0.37018
published_at 2026-04-04T12:55:00Z
3
value 0.0016
scoring_system epss
scoring_elements 0.36846
published_at 2026-04-07T12:55:00Z
4
value 0.0016
scoring_system epss
scoring_elements 0.36897
published_at 2026-04-08T12:55:00Z
5
value 0.0016
scoring_system epss
scoring_elements 0.36912
published_at 2026-04-09T12:55:00Z
6
value 0.0016
scoring_system epss
scoring_elements 0.36613
published_at 2026-04-24T12:55:00Z
7
value 0.0016
scoring_system epss
scoring_elements 0.36832
published_at 2026-04-21T12:55:00Z
8
value 0.0016
scoring_system epss
scoring_elements 0.3689
published_at 2026-04-18T12:55:00Z
9
value 0.0016
scoring_system epss
scoring_elements 0.36906
published_at 2026-04-16T12:55:00Z
10
value 0.0016
scoring_system epss
scoring_elements 0.36861
published_at 2026-04-13T12:55:00Z
11
value 0.0016
scoring_system epss
scoring_elements 0.36886
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-5642
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
reference_id 1107316
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
3
reference_url https://github.com/radareorg/radare2/issues/24231
reference_id 24231
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:49:13Z/
url https://github.com/radareorg/radare2/issues/24231
4
reference_url https://github.com/radareorg/radare2/issues/24231#issuecomment-2918848163
reference_id 24231#issuecomment-2918848163
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:49:13Z/
url https://github.com/radareorg/radare2/issues/24231#issuecomment-2918848163
5
reference_url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
reference_id 5705d99cc1f23f36f9a84aab26d1724010b97798
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:49:13Z/
url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
6
reference_url https://vuldb.com/?ctiid.311130
reference_id ?ctiid.311130
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:49:13Z/
url https://vuldb.com/?ctiid.311130
7
reference_url https://vuldb.com/?id.311130
reference_id ?id.311130
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:49:13Z/
url https://vuldb.com/?id.311130
8
reference_url https://vuldb.com/?submit.586910
reference_id ?submit.586910
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:49:13Z/
url https://vuldb.com/?submit.586910
9
reference_url https://drive.google.com/file/d/1joXpofhKSeb3uJ034ayVuWIoJj08gm_9/view?usp=sharing
reference_id view?usp=sharing
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:49:13Z/
url https://drive.google.com/file/d/1joXpofhKSeb3uJ034ayVuWIoJj08gm_9/view?usp=sharing
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-5642
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sua7-jxfv-tfhe
14
url VCID-v7dw-jebk-xybc
vulnerability_id VCID-v7dw-jebk-xybc
summary A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The identifier of the patch is 5705d99cc1f23f36f9a84aab26d1724010b97798. It is recommended to apply a patch to fix this issue. The documentation explains that the parameter -T is experimental and "crashy". Further analysis has shown "the race is not a real problem unless you use asan". A new warning has been added.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-5645
reference_id
reference_type
scores
0
value 0.00147
scoring_system epss
scoring_elements 0.35232
published_at 2026-04-09T12:55:00Z
1
value 0.00147
scoring_system epss
scoring_elements 0.35253
published_at 2026-04-02T12:55:00Z
2
value 0.00147
scoring_system epss
scoring_elements 0.35281
published_at 2026-04-04T12:55:00Z
3
value 0.00147
scoring_system epss
scoring_elements 0.35162
published_at 2026-04-07T12:55:00Z
4
value 0.00147
scoring_system epss
scoring_elements 0.35206
published_at 2026-04-08T12:55:00Z
5
value 0.00147
scoring_system epss
scoring_elements 0.34918
published_at 2026-04-24T12:55:00Z
6
value 0.00147
scoring_system epss
scoring_elements 0.35153
published_at 2026-04-21T12:55:00Z
7
value 0.00147
scoring_system epss
scoring_elements 0.35201
published_at 2026-04-18T12:55:00Z
8
value 0.00147
scoring_system epss
scoring_elements 0.35215
published_at 2026-04-16T12:55:00Z
9
value 0.00147
scoring_system epss
scoring_elements 0.35176
published_at 2026-04-13T12:55:00Z
10
value 0.00147
scoring_system epss
scoring_elements 0.352
published_at 2026-04-12T12:55:00Z
11
value 0.00147
scoring_system epss
scoring_elements 0.35235
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-5645
1
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
reference_id 1107316
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107316
2
reference_url https://github.com/radareorg/radare2/issues/24234
reference_id 24234
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:11:49Z/
url https://github.com/radareorg/radare2/issues/24234
3
reference_url https://github.com/radareorg/radare2/issues/24234#issuecomment-2918847551
reference_id 24234#issuecomment-2918847551
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:11:49Z/
url https://github.com/radareorg/radare2/issues/24234#issuecomment-2918847551
4
reference_url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
reference_id 5705d99cc1f23f36f9a84aab26d1724010b97798
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:11:49Z/
url https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798
5
reference_url https://vuldb.com/?ctiid.311133
reference_id ?ctiid.311133
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:11:49Z/
url https://vuldb.com/?ctiid.311133
6
reference_url https://vuldb.com/?id.311133
reference_id ?id.311133
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:11:49Z/
url https://vuldb.com/?id.311133
7
reference_url https://vuldb.com/?submit.586922
reference_id ?submit.586922
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:11:49Z/
url https://vuldb.com/?submit.586922
8
reference_url https://drive.google.com/file/d/1LVaraZB30lJXtrvp-4bcEJrZYFJb2bfc/view?usp=sharing
reference_id view?usp=sharing
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:N/I:N/A:P
1
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T18:11:49Z/
url https://drive.google.com/file/d/1LVaraZB30lJXtrvp-4bcEJrZYFJb2bfc/view?usp=sharing
fixed_packages
0
url pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
purl pkg:deb/debian/radare2@6.0.4%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
purl pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid
aliases CVE-2025-5645
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v7dw-jebk-xybc
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.4%252Bdfsg-1%3Fdistro=sid