Description

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's print_gvars() function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted section names to inject r2 commands that are executed when the idp command processes the file.

INFO

Published Date :

2026-04-15T02:05:20.899Z

Last Modified :

2026-04-16T14:06:54.448Z

Source :

VulnCheck
AFFECTED PRODUCTS

The following products are affected by CVE-2026-40499 vulnerability.

Vendors Products
Radare
  • Radare2
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-40499.

URL Resource
https://blog.calif.io/p/mad-bugs-discovering-a-0-day-in-zero cve-icon cve-icon
https://github.com/radareorg/radare2/commit/5590c87deeb7eb2a106fd7aab9ca88bfeebb7397 cve-icon cve-icon
https://github.com/radareorg/radare2/issues/25752 cve-icon cve-icon
https://github.com/radareorg/radare2/releases/tag/6.1.4 cve-icon cve-icon
https://www.vulncheck.com/advisories/radare2-command-injection-via-pdb-parser-print-gvars cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability