CVE-2025-1744 — Vulnetix

CVE-2025-1744 PUBLISHED CVSS 10 CRITICAL

Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow.This issue affects radare2: before <5.9.9.

EPSS 0.45% · 64.0th percentile

Risk Scores

CVSS v4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

EPSS Score

0.45%

64.0th percentile

Affected Products

Vendor	Product	Versions
radare	radare2	0
radareorg	radare2	0

Timeline

Feb 27, 2025 CVE ID Reserved
Feb 28, 2025 EPSS Score
Feb 28, 2025 CVE Published
Feb 28, 2025 PoC Published
Feb 28, 2025 PoC Published
Feb 28, 2025 CVE Updated
Mar 5, 2025 Coalition ESS Score
Mar 14, 2025 EPSS Score
Mar 28, 2025 EPSS Score
Apr 11, 2025 EPSS Score
Apr 25, 2025 EPSS Score
May 9, 2025 EPSS Score

References

https://github.com/radareorg/radare2/pull/23969 patch
https://nvd.nist.gov/vuln/detail/CVE-2025-1744 advisory

Open in Interactive Console →