CVE-2026-40517 | radareorg radare2 up to 6.1.3 PDB Parser print_gvars os command injection (Bug 25730)

A vulnerability was found in radareorg radare2 up to 6.1.3. It has been rated as critical. Affected by this issue is the function print_gvars of the component PDB Parser. This manipulation causes os command injection.

This vulnerability is tracked as CVE-2026-40517. The attack is restricted to local execution. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More