CVE-2026-40499 | radareorg radare2 up to 6.1.3 PDB Parser print_gvars os command injection

A vulnerability classified as critical has been found in radareorg radare2 up to 6.1.3. This vulnerability affects the function print_gvars of the component PDB Parser. Performing a manipulation results in os command injection.

This vulnerability is reported as CVE-2026-40499. The attack requires a local approach. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More