Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/937434?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "type": "deb", "namespace": "debian", "name": "radare2", "version": "5.9.0+dfsg-1", "qualifiers": { "distro": "sid" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "5.9.8+dfsg-1", "latest_non_vulnerable_version": "6.0.7+ds-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264800?format=api", "vulnerability_id": "VCID-1jmy-vuq8-8ufa", "summary": "Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0713", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.5687", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56966", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56988", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56964", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.57015", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.57017", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.57029", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.57008", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56985", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.57014", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.57011", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56987", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56922", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.5694", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56924", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56877", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56923", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56984", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0713" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-0713" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1jmy-vuq8-8ufa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265235?format=api", "vulnerability_id": "VCID-5rv8-9w1a-9yag", "summary": "heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.51996", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52043", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52069", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52035", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52089", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52086", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52138", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52121", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52107", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52147", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.5215", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52132", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52079", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52085", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52048", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.51994", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1284" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1284" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5rv8-9w1a-9yag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265243?format=api", "vulnerability_id": "VCID-5xy5-6f5d-83c7", "summary": "Out-of-bounds Read in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1297", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52944", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52969", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52994", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52961", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53012", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53006", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.5304", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53023", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53061", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53068", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.5305", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53016", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53025", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52985", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52935", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52986", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53028", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1297" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1297" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5xy5-6f5d-83c7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265242?format=api", "vulnerability_id": "VCID-6zbf-v2qf-kudb", "summary": "Out-of-bounds read in `r_bin_ne_get_relocs` function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1296", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51594", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51645", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.5167", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51631", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51685", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51681", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.5173", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51708", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51692", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51733", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.5174", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.5172", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51672", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51678", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51638", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51582", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51634", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1296" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1296" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6zbf-v2qf-kudb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/261788?format=api", "vulnerability_id": "VCID-7f5v-63rw-47c5", "summary": "radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/core/anal_objc.c mach-o parser.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.548", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.5468", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.5475", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54773", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54743", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54793", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.5479", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54802", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54764", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54804", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54786", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54759", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54779", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54757", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54703", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54745", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44975" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014490", "reference_id": "1014490", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014490" }, { "reference_url": "https://security.archlinux.org/AVG-2748", "reference_id": "AVG-2748", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2748" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-44975" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7f5v-63rw-47c5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265210?format=api", "vulnerability_id": "VCID-7hzf-vk9r-dfh1", "summary": "heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1244", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.51996", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52043", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52069", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52035", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52089", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52086", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52138", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52121", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52107", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52147", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.5215", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52132", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52079", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52085", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52048", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.51994", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1244" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1244" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7hzf-vk9r-dfh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265460?format=api", "vulnerability_id": "VCID-8xen-g6z6-hfcs", "summary": "Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/476.html).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1649", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.4807", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48107", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48128", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48077", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.4813", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48125", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48149", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48122", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48133", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48186", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.4818", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48137", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48116", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48072", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.47993", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48058", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48081", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1649" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1649" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8xen-g6z6-hfcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/263841?format=api", "vulnerability_id": "VCID-8zuq-cnzg-9bfk", "summary": "A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4021", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63052", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62832", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.6289", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.6292", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62883", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62934", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.6295", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62969", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62957", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62935", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62976", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62983", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62962", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62997", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62952", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62999", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4021" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014490", "reference_id": "1014490", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014490" }, { "reference_url": "https://security.archlinux.org/AVG-2583", "reference_id": "AVG-2583", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2583" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-4021" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8zuq-cnzg-9bfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/304369?format=api", "vulnerability_id": "VCID-9cdv-pbch-47cp", "summary": "Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4322", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47547", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47656", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47609", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47589", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47598", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47544", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.4746", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47526", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47576", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47597", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47546", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47601", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47621", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47606", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47664", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4322" }, { "reference_url": "https://huntr.dev/bounties/06e2484c-d6f1-4497-af67-26549be9fffd", "reference_id": "06e2484c-d6f1-4497-af67-26549be9fffd", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-03T14:16:48Z/" } ], "url": "https://huntr.dev/bounties/06e2484c-d6f1-4497-af67-26549be9fffd" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051898", "reference_id": "1051898", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051898" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/64KUV6OGEVQ75QOV35PUVVDOJTKSJHYN/", "reference_id": "64KUV6OGEVQ75QOV35PUVVDOJTKSJHYN", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-03T14:16:48Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/64KUV6OGEVQ75QOV35PUVVDOJTKSJHYN/" }, { "reference_url": "https://github.com/radareorg/radare2/commit/ba919adb74ac368bf76b150a00347ded78b572dd", "reference_id": "ba919adb74ac368bf76b150a00347ded78b572dd", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-03T14:16:48Z/" } ], "url": "https://github.com/radareorg/radare2/commit/ba919adb74ac368bf76b150a00347ded78b572dd" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SOZ6XCADVAPAIHMVSV3FUAN742BHXF55/", "reference_id": "SOZ6XCADVAPAIHMVSV3FUAN742BHXF55", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-03T14:16:48Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SOZ6XCADVAPAIHMVSV3FUAN742BHXF55/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-4322" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9cdv-pbch-47cp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/302350?format=api", "vulnerability_id": "VCID-9yq7-v9ah-qyek", "summary": "An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46570", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33477", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33486", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33369", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33436", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34073", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34104", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33963", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34005", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34036", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33993", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33969", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34003", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.3399", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33957", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33587", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33567", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46570" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054908", "reference_id": "1054908", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054908" }, { "reference_url": "https://github.com/radareorg/radare2/issues/22333", "reference_id": "22333", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-09-09T19:52:30Z/" } ], "url": "https://github.com/radareorg/radare2/issues/22333" }, { "reference_url": "https://gist.github.com/gandalf4a/d7fa58f1b3418ef08ad244acccc10ba6", "reference_id": "d7fa58f1b3418ef08ad244acccc10ba6", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-09-09T19:52:30Z/" } ], "url": "https://gist.github.com/gandalf4a/d7fa58f1b3418ef08ad244acccc10ba6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-46570" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9yq7-v9ah-qyek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264936?format=api", "vulnerability_id": "VCID-aubp-kw7t-abam", "summary": "Use After Free in r_reg_get_name_idx in GitHub repository radareorg/radare2 prior to 5.6.6.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0849", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.4997", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.49951", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.49988", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50016", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.49966", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50021", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50014", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50032", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50005", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50001", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50047", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50049", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50009", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.49968", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.49884", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.4994", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0849" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-0849" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aubp-kw7t-abam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265338?format=api", "vulnerability_id": "VCID-aupe-75b8-fbff", "summary": "heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. This vulnerability is capable of inducing denial of service.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1444", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.51996", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52043", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52069", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52035", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52089", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52086", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52138", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52121", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52107", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52147", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.5215", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52132", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52079", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52085", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52048", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.51994", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1444" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1444" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aupe-75b8-fbff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264628?format=api", "vulnerability_id": "VCID-befg-btu3-g3ek", "summary": "Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0519", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57709", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57794", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57814", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57787", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57842", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57844", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57861", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57839", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57846", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57845", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57822", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.5778", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.578", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57779", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57736", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0519" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-0519" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-befg-btu3-g3ek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/302349?format=api", "vulnerability_id": "VCID-bmmz-g7bb-6ydp", "summary": "An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46569", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35434", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35457", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35343", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35412", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35956", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35817", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35867", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3589", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35896", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35831", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.3587", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35858", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35808", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35575", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35544", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46569" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054908", "reference_id": "1054908", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054908" }, { "reference_url": "https://github.com/radareorg/radare2/issues/22334", "reference_id": "22334", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-09-09T19:50:40Z/" } ], "url": "https://github.com/radareorg/radare2/issues/22334" }, { "reference_url": "https://gist.github.com/gandalf4a/afeaf8cc958f95876f0ee245b8a002e8", "reference_id": "afeaf8cc958f95876f0ee245b8a002e8", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-09-09T19:50:40Z/" } ], "url": "https://gist.github.com/gandalf4a/afeaf8cc958f95876f0ee245b8a002e8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-46569" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bmmz-g7bb-6ydp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/261787?format=api", "vulnerability_id": "VCID-czpx-39nm-3fhk", "summary": "radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44974", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57459", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57335", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57416", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57439", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57414", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57466", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57469", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57485", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57462", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57443", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.5747", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57465", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57445", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.574", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57422", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57401", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57351", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57395", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44974" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014490", "reference_id": "1014490", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014490" }, { "reference_url": "https://security.archlinux.org/AVG-2748", "reference_id": "AVG-2748", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2748" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-44974" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-czpx-39nm-3fhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264784?format=api", "vulnerability_id": "VCID-drqw-6fx3-augx", "summary": "Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0695", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.553", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55414", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55439", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55418", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55469", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55479", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55458", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.5544", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55476", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.5548", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55381", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55401", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55374", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55323", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55365", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55422", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0695" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-0695" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-drqw-6fx3-augx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264632?format=api", "vulnerability_id": "VCID-ds17-huzd-37d2", "summary": "Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0521", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57709", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57794", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57814", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57787", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57842", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57844", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57861", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57839", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57846", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57845", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57822", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.5778", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.578", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57779", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57736", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0521" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-0521" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ds17-huzd-37d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265092?format=api", "vulnerability_id": "VCID-e1ry-7wyr-z7gt", "summary": "Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5.6.6.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1052", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35448", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35647", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35672", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35553", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35599", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35622", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35632", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35587", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35565", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35604", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35593", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35544", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35306", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35284", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35205", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35087", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35156", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35184", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1052" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1052" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e1ry-7wyr-z7gt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265187?format=api", "vulnerability_id": "VCID-e4sm-emrh-qkc9", "summary": "Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28699", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28781", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2883", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28635", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28701", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2874", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28744", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.287", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28651", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28671", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28646", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28599", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28485", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28372", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28297", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28137", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28195", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28219", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1207" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1207" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e4sm-emrh-qkc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264293?format=api", "vulnerability_id": "VCID-esdn-avz7-c3g4", "summary": "Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0139", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60491", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60565", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60594", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60563", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60611", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60627", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60652", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60637", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60616", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60658", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60664", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60651", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60648", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60641", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60698", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0139" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-0139" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-esdn-avz7-c3g4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/285628?format=api", "vulnerability_id": "VCID-euwf-e2ud-wban", "summary": "Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1605", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50583", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.5065", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50606", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.5053", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.5063", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50657", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50612", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50667", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50663", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50705", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50683", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50709", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50715", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50695", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50642", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1605" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034180", "reference_id": "1034180", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034180" }, { "reference_url": "https://github.com/radareorg/radare2/commit/508a6307045441defd1bef0999a1f7052097613f", "reference_id": "508a6307045441defd1bef0999a1f7052097613f", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T19:30:31Z/" } ], "url": "https://github.com/radareorg/radare2/commit/508a6307045441defd1bef0999a1f7052097613f" }, { "reference_url": "https://huntr.dev/bounties/9dddcf5b-7dd4-46cc-abf9-172dce20bab2", "reference_id": "9dddcf5b-7dd4-46cc-abf9-172dce20bab2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-25T19:30:31Z/" } ], "url": "https://huntr.dev/bounties/9dddcf5b-7dd4-46cc-abf9-172dce20bab2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-1605" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-euwf-e2ud-wban" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264667?format=api", "vulnerability_id": "VCID-fktn-5h3c-t3ay", "summary": "Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55513", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55624", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55648", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55626", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55678", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55681", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.5569", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.5567", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55652", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55691", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55695", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55674", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.556", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55617", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55593", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.5554", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55587", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55644", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0559" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-0559" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fktn-5h3c-t3ay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264627?format=api", "vulnerability_id": "VCID-gn9n-bv7p-bbap", "summary": "Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0518", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57568", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57652", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57674", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.5765", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57704", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57707", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57722", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57701", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57681", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57711", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57708", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57686", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57643", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57663", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57642", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57596", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57641", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0518" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-0518" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gn9n-bv7p-bbap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265096?format=api", "vulnerability_id": "VCID-h43t-cy2h-jfdv", "summary": "Heap Buffer Overflow in parseDragons in GitHub repository radareorg/radare2 prior to 5.6.8.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1061", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50418", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50474", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50502", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50456", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.5051", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50506", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50548", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50525", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50553", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50558", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50535", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50482", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.5049", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50445", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50368", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50421", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.5045", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1061" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1061" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h43t-cy2h-jfdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265336?format=api", "vulnerability_id": "VCID-hkwf-9xsj-xqct", "summary": "Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1437", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48361", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48397", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48418", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48371", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48426", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.4842", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48444", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48419", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48431", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48481", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48476", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48417", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48429", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48376", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48292", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48355", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48379", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1437" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1437" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hkwf-9xsj-xqct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264323?format=api", "vulnerability_id": "VCID-khyh-e434-x3hk", "summary": "radare2 is vulnerable to Out-of-bounds Read", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0173", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57714", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57793", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57848", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57849", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57866", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57844", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57823", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57852", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57851", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57828", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57787", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57806", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57788", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57745", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0173" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-0173" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-khyh-e434-x3hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265294?format=api", "vulnerability_id": "VCID-n5c5-p9qk-zkgz", "summary": "NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1382", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48146", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48183", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48202", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48154", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48208", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48201", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48225", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48199", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48211", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48262", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48258", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48213", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48195", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48205", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48151", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48069", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48134", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48158", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1382" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1382" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n5c5-p9qk-zkgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264767?format=api", "vulnerability_id": "VCID-nh84-fufj-pfgr", "summary": "Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0676", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57578", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57664", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57685", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.5875", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58803", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.5881", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58828", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.5879", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58823", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58827", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58804", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58784", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58798", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58783", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58749", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58794", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58853", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0676" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-0676" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nh84-fufj-pfgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/224713?format=api", "vulnerability_id": "VCID-nnye-265s-hfdm", "summary": "Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the name, type, or group fields.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-29646", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69626", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69734", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.6969", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69715", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.6971", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69702", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.6965", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69668", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69659", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69619", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69633", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69648", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69564", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.6958", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69558", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69609", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00821", "scoring_system": "epss", "scoring_elements": "0.74532", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-29646" }, { "reference_url": "https://gist.github.com/Crispy-fried-chicken/0be4a204e7226fa2cea761c09f027690", "reference_id": "0be4a204e7226fa2cea761c09f027690", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-18T15:50:29Z/" } ], "url": "https://gist.github.com/Crispy-fried-chicken/0be4a204e7226fa2cea761c09f027690" }, { "reference_url": "https://github.com/radareorg/radare2/pull/22562", "reference_id": "22562", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-18T15:50:29Z/" } ], "url": "https://github.com/radareorg/radare2/pull/22562" }, { "reference_url": "https://github.com/radareorg/radare2/pull/22567", "reference_id": "22567", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-18T15:50:29Z/" } ], "url": "https://github.com/radareorg/radare2/pull/22567" }, { "reference_url": "https://github.com/radareorg/radare2/pull/22572", "reference_id": "22572", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-18T15:50:29Z/" } ], "url": "https://github.com/radareorg/radare2/pull/22572" }, { "reference_url": "https://github.com/radareorg/radare2/pull/22578", "reference_id": "22578", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-18T15:50:29Z/" } ], "url": "https://github.com/radareorg/radare2/pull/22578" }, { "reference_url": "https://github.com/radareorg/radare2/pull/22599", "reference_id": "22599", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-18T15:50:29Z/" } ], "url": "https://github.com/radareorg/radare2/pull/22599" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-29646" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nnye-265s-hfdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265234?format=api", "vulnerability_id": "VCID-nuzb-2zqv-wbgf", "summary": "NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50624", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50677", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50703", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50659", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50714", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.5071", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50752", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50729", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50754", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.5076", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.5074", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50689", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50698", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50653", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50576", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50629", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1283" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1283" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nuzb-2zqv-wbgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/306701?format=api", "vulnerability_id": "VCID-ny2r-28hp-5uep", "summary": "Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5686", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24664", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24702", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24474", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24544", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24589", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24605", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24563", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24509", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.2452", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24512", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24489", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24431", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24416", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24374", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24251", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.2433", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24392", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5686" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055854", "reference_id": "1055854", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055854" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-5686" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ny2r-28hp-5uep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264538?format=api", "vulnerability_id": "VCID-p5f7-7r1a-rycr", "summary": "NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47979", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48017", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48038", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47987", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.4804", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48034", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48058", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48035", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48046", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48098", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48093", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.4805", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48031", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48043", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47991", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47909", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.47976", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0419" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" }, { "reference_url": "https://security.archlinux.org/AVG-2748", "reference_id": "AVG-2748", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2748" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-0419" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p5f7-7r1a-rycr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266539?format=api", "vulnerability_id": "VCID-patn-amhm-cqcp", "summary": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0302", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40386", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40443", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.403", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40368", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40725", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40753", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40676", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40726", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40732", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.4075", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40715", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40697", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40742", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40713", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40636", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40539", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00189", "scoring_system": "epss", "scoring_elements": "0.40525", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0302" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029037", "reference_id": "1029037", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029037" }, { "reference_url": "https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e", "reference_id": "583133af-7ae6-4a21-beef-a4b0182cf82e", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-07T17:47:04Z/" } ], "url": "https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e" }, { "reference_url": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce", "reference_id": "961f0e723903011d4f54c2396e44efa91fcc74ce", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-07T17:47:04Z/" } ], "url": "https://github.com/radareorg/radare2/commit/961f0e723903011d4f54c2396e44efa91fcc74ce" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-0302" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-patn-amhm-cqcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/224930?format=api", "vulnerability_id": "VCID-pq2q-hnd2-y3eb", "summary": "Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-29645", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17535", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.1768", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17634", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17581", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17527", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17568", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17736", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17783", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17511", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17601", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17662", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22587", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22505", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22608", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22612", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.2262", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23117", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-29645" }, { "reference_url": "https://github.com/radareorg/radare2/pull/22561", "reference_id": "22561", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-02T17:24:47Z/" } ], "url": "https://github.com/radareorg/radare2/pull/22561" }, { "reference_url": "https://github.com/radareorg/radare2/commit/72bf3a486fa851797aa21887a40ba0e3d3a6d620", "reference_id": "72bf3a486fa851797aa21887a40ba0e3d3a6d620", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-02T17:24:47Z/" } ], "url": "https://github.com/radareorg/radare2/commit/72bf3a486fa851797aa21887a40ba0e3d3a6d620" }, { "reference_url": "https://gist.github.com/Crispy-fried-chicken/83f0f5e8a475284d64bf99fb342e9027", "reference_id": "83f0f5e8a475284d64bf99fb342e9027", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-02T17:24:47Z/" } ], "url": "https://gist.github.com/Crispy-fried-chicken/83f0f5e8a475284d64bf99fb342e9027" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-29645" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pq2q-hnd2-y3eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265206?format=api", "vulnerability_id": "VCID-pt1y-cpch-1qfn", "summary": "Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1238", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50334", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.5039", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.5042", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50372", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50425", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50419", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.5046", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50437", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50465", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50469", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50445", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50391", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50401", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50352", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50274", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50328", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50359", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1238" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1238" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pt1y-cpch-1qfn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265078?format=api", "vulnerability_id": "VCID-rgst-sefy-mya3", "summary": "Use After Free in op_is_set_bp in GitHub repository radareorg/radare2 prior to 5.6.6.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1031", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51927", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51975", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51966", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52021", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52019", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52071", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52053", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52037", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52077", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52083", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52064", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52011", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52017", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51979", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51978", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1031" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1031" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rgst-sefy-mya3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266512?format=api", "vulnerability_id": "VCID-sk4s-yzns-jfbk", "summary": "Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4398", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55475", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55424", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55375", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55419", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55461", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55485", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55463", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55515", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55516", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55525", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55504", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55487", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55523", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55527", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55506", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55431", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.5545", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4398" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027144", "reference_id": "1027144", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027144" }, { "reference_url": "https://github.com/radareorg/radare2/commit/b53a1583d05c3a5bfe5fa60da133fe59dfbb02b8", "reference_id": "b53a1583d05c3a5bfe5fa60da133fe59dfbb02b8", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:50:32Z/" } ], "url": "https://github.com/radareorg/radare2/commit/b53a1583d05c3a5bfe5fa60da133fe59dfbb02b8" }, { "reference_url": "https://huntr.dev/bounties/c6f8d3ef-5420-4eba-9a5f-aba5e2b5fea2", "reference_id": "c6f8d3ef-5420-4eba-9a5f-aba5e2b5fea2", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:50:32Z/" } ], "url": "https://huntr.dev/bounties/c6f8d3ef-5420-4eba-9a5f-aba5e2b5fea2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-4398" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sk4s-yzns-jfbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265208?format=api", "vulnerability_id": "VCID-tbyx-yrx3-vfag", "summary": "Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the `r_str_ncpy` function. Therefore I think it is very likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1240", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.46991", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47028", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47047", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.46995", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47049", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47045", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47069", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47043", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47105", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47101", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47035", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.46909", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.46973", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1240" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1240" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tbyx-yrx3-vfag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265505?format=api", "vulnerability_id": "VCID-tdq4-q57q-ufht", "summary": "Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1714", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32832", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32684", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32569", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32484", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32343", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32407", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32417", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35005", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34981", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34858", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35006", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35021", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35056", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35083", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34963", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35008", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35037", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35041", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1714" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1714" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tdq4-q57q-ufht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205734?format=api", "vulnerability_id": "VCID-te26-ushn-aybj", "summary": "An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-26475", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17669", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17476", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17569", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17959", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18013", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17713", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.178", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17861", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17877", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17833", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17785", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17729", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17738", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17776", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17687", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17664", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17619", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-26475" }, { "reference_url": "https://github.com/TronciuVlad/CVE-2024-26475", "reference_id": "CVE-2024-26475", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-15T16:01:17Z/" } ], "url": "https://github.com/TronciuVlad/CVE-2024-26475" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-26475" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-te26-ushn-aybj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265339?format=api", "vulnerability_id": "VCID-tqf6-xzpu-37d9", "summary": "Out-of-bounds Read in r_bin_java_constant_value_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1451", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.5095", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51003", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51028", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50985", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51042", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51039", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51082", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.5106", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51043", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51081", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51087", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51064", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51013", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.5102", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.5098", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50912", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50962", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50993", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1451" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1451" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tqf6-xzpu-37d9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264798?format=api", "vulnerability_id": "VCID-v71n-cp33-7uc9", "summary": "NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0712", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62123", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62184", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62215", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62182", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62232", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62249", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62267", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62257", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62235", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.6228", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62287", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62272", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62282", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62298", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62292", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62237", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62286", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62344", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0712" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-0712" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v71n-cp33-7uc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/290294?format=api", "vulnerability_id": "VCID-v86n-wjus-g7h5", "summary": "radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasm_dis at p/wasm/wasm.c.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27114", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22325", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22266", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22162", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22247", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22589", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22631", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22418", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.225", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22554", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22572", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22531", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22477", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22492", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22489", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22439", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22286", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22272", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27114" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032667", "reference_id": "1032667", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032667" }, { "reference_url": "https://github.com/radareorg/radare2/issues/21363", "reference_id": "21363", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-28T16:14:47Z/" } ], "url": "https://github.com/radareorg/radare2/issues/21363" }, { "reference_url": "https://github.com/radareorg/radare2/commit/a15067a8eaa836bcc24b0882712c14d1baa66509", "reference_id": "a15067a8eaa836bcc24b0882712c14d1baa66509", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-28T16:14:47Z/" } ], "url": "https://github.com/radareorg/radare2/commit/a15067a8eaa836bcc24b0882712c14d1baa66509" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-27114" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v86n-wjus-g7h5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266516?format=api", "vulnerability_id": "VCID-w45p-1p1t-tkav", "summary": "Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) via a crafted binary file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34520", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32835", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32656", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32704", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3273", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32731", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32695", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32667", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32706", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32683", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32653", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32499", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32383", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.323", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32162", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32225", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32235", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34520" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016979", "reference_id": "1016979", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016979" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-34520" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w45p-1p1t-tkav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265205?format=api", "vulnerability_id": "VCID-w5bc-f4gs-aqa6", "summary": "Improper Validation of Array Index in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1237", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49093", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49126", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49156", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49108", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49162", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49159", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49176", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.4915", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49202", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.492", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49169", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49168", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49124", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49041", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49105", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49133", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1237" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1237" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w5bc-f4gs-aqa6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/302558?format=api", "vulnerability_id": "VCID-wkg7-9vfg-rbgc", "summary": "radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-47016", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39067", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39206", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39189", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39107", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.3898", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.3905", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39499", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39522", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39437", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39492", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39508", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.3948", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39463", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39514", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39486", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39402", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-47016" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056930", "reference_id": "1056930", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056930" }, { "reference_url": "https://github.com/radareorg/radare2/issues/22349", "reference_id": "22349", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T20:20:19Z/" } ], "url": "https://github.com/radareorg/radare2/issues/22349" }, { "reference_url": "https://github.com/radareorg/radare2/commit/40c9f50e127be80b9d816bce2ab2ee790831aefd", "reference_id": "40c9f50e127be80b9d816bce2ab2ee790831aefd", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T20:20:19Z/" } ], "url": "https://github.com/radareorg/radare2/commit/40c9f50e127be80b9d816bce2ab2ee790831aefd" }, { "reference_url": "https://gist.github.com/gandalf4a/65705be4f84269cb7cd725a1d4ab2ffa", "reference_id": "65705be4f84269cb7cd725a1d4ab2ffa", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2023-12-19T20:20:19Z/" } ], "url": "https://gist.github.com/gandalf4a/65705be4f84269cb7cd725a1d4ab2ffa" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-47016" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wkg7-9vfg-rbgc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265624?format=api", "vulnerability_id": "VCID-x1ew-h8tp-67c2", "summary": "Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1899", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.6371", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63771", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63798", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63754", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63806", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63823", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63836", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63822", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63789", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63824", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63833", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63821", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63837", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.6385", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63848", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.6382", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63863", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00454", "scoring_system": "epss", "scoring_elements": "0.63912", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1899" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1899" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x1ew-h8tp-67c2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266444?format=api", "vulnerability_id": "VCID-xgjj-4vb7-uubp", "summary": "Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34502", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34539", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34567", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34434", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34506", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34507", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34468", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34444", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.3448", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34465", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34425", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34053", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34034", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.33948", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.33827", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.33897", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.3394", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34502" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016979", "reference_id": "1016979", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016979" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-34502" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xgjj-4vb7-uubp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265295?format=api", "vulnerability_id": "VCID-y9b9-yzvm-e3df", "summary": "Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.8. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1383", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47401", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47435", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47406", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.4746", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47457", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.4748", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47455", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47462", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47521", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47513", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47466", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47452", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47461", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47408", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47325", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47389", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47409", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1383" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1383" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y9b9-yzvm-e3df" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264635?format=api", "vulnerability_id": "VCID-ynz2-8u9q-2yba", "summary": "Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0523", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.4724", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47277", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47296", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47243", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47298", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47294", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47318", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47293", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.473", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47358", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47353", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47303", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47288", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47297", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47245", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47162", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47226", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47244", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0523" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-0523" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ynz2-8u9q-2yba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265580?format=api", "vulnerability_id": "VCID-yycm-mx2c-tkae", "summary": "Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1809", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50647", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.507", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50726", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50682", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50737", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50734", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50776", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50752", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50777", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50783", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50763", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50712", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50721", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50675", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50596", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50649", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.5068", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1809" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1809" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yycm-mx2c-tkae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265340?format=api", "vulnerability_id": "VCID-z1c6-6naw-byeg", "summary": "Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1452", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.5095", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51003", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51028", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50985", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51042", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51039", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51082", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.5106", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51043", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51081", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51087", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51064", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51013", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.5102", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.5098", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50912", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50962", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50993", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1452" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-1452" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z1c6-6naw-byeg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264594?format=api", "vulnerability_id": "VCID-zec6-qhn1-4qh2", "summary": "Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45129", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.4521", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45233", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45175", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.4523", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45229", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.4525", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45218", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.4522", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45271", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45265", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45217", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45137", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45077", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.44974", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45039", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45057", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0476" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478", "reference_id": "1014478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/937434?format=api", "purl": "pkg:deb/debian/radare2@5.9.0%2Bdfsg-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/937413?format=api", "purl": "pkg:deb/debian/radare2@6.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@6.0.7%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-0476" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zec6-qhn1-4qh2" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/radare2@5.9.0%252Bdfsg-1%3Fdistro=sid" }