Security Advisory

CVE-2026-41015

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-16 02:35:47

Last updated 2026-04-16 13:15:26

Assigner mitre

State PUBLISHED

Description

radare2 before 9236f44, when configured on UNIX without SSL, allows command injection via a PDB name to rabin2 -PP. NOTE: although users are supposed to use the latest version from git (not a release), the date range for the vulnerable code was less than a week, occurring after 6.1.2 but before 6.1.3.

← Browse all CVEs View on cve.org ↗