CVE-2026-6942 | radareorg radare2 up to 1.5.x Jsonrpc Interface r2_cmd_str os command injection (Issue 45)

A vulnerability classified as critical was found in radareorg radare2 up to 1.5.x. Affected is the function r2_cmd_str of the component Jsonrpc Interface. The manipulation results in os command injection.

This vulnerability is identified as CVE-2026-6942. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More