CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-14758

lowCVSS 3.3covered by 1 sourcefirst seen 2026-07-05
A vulnerability was identified in radareorg radare2 up to 6.1.6. This vulnerability affects the function cmd_anal_opcode of the file libr/core/cmd_anal.inc.c of the component hexpairs Parser. Such manipulation leads to integer overflow. The attack needs to be performed locally. The exploit is publicly available and might be used. The name of the patch is 84e773986e7e5bb30453a9384f498ec0ccc9d0a9. A patch should be applied to remediate this issue.

⚡ Watch CVE-2026-14758

Get an email if CVE-2026-14758 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-14758

CVE.org record

Embed the live status

CVE-2026-14758 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-14758 status](https://www.csirts.com/badge/CVE-2026-14758)](https://www.csirts.com/cve/CVE-2026-14758)