<Vulnerability name="CVE-2026-14760">
    <DocumentDistribution xml:lang="en">Copyright © 2012 Red Hat, Inc. All rights reserved.</DocumentDistribution>
    <ThreatSeverity>Low</ThreatSeverity>
    <PublicDate>2026-07-05T15:30:08</PublicDate>
    <Bugzilla id="2497162" url="https://bugzilla.redhat.com/show_bug.cgi?id=2497162" xml:lang="en:us">
radare2: radare2: Denial of Service via local use-after-free vulnerability
    </Bugzilla>
    <CVSS3 status="draft">
        <CVSS3BaseScore>3.3</CVSS3BaseScore>
        <CVSS3ScoringVector>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L</CVSS3ScoringVector>
    </CVSS3>
    <CWE>CWE-825</CWE>
    <Details xml:lang="en:us" source="Mitre">
A weakness has been identified in radareorg radare2 up to 6.1.6. Impacted is the function r_core_seek_arch_bits of the file libr/core/disasm.c of the component regprofile Handler. Executing a manipulation can lead to use after free. The attack requires local access. The exploit has been made available to the public and could be used for attacks. This patch is called 8b25c773785d85cb0103410a0905089d286921c2. It is advisable to implement a patch to correct this issue.
    </Details>
    <Details xml:lang="en:us" source="Red Hat">
A flaw was found in radareorg radare2. This vulnerability, a use-after-free, affects the `regprofile Handler` component. A local attacker can exploit this flaw by performing a specific manipulation, which could lead to a denial of service, making the application unavailable.
    </Details>
    <Statement xml:lang="en:us">
This flaw is rated as Low impact due to its requirement for local access to trigger a use-after-free vulnerability within the `radare2` reverse engineering framework. Exploitation could result in a denial of service, impacting the availability of the application. The limited scope of this vulnerability, primarily affecting users who execute `radare2` locally, contributes to its lower severity.
    </Statement>
    <Mitigation xml:lang="en:us">
To mitigate this issue, restrict local access to systems where radare2 is installed. If radare2 is not essential for system operation, consider removing the `radare2` package to eliminate the vulnerability.
    </Mitigation>
    <References xml:lang="en:us">
https://www.cve.org/CVERecord?id=CVE-2026-14760
https://nvd.nist.gov/vuln/detail/CVE-2026-14760
https://github.com/radareorg/radare2/
https://github.com/radareorg/radare2/commit/8b25c773785d85cb0103410a0905089d286921c2
https://github.com/radareorg/radare2/issues/26044
https://vuldb.com/cve/CVE-2026-14760
https://vuldb.com/submit/850384
https://vuldb.com/vuln/376349
https://vuldb.com/vuln/376349/cti
    </References>
</Vulnerability>