CVE-2026-45613NVD

Vulnerability Summary

Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability is fixed by commit e6d0937c8a083e23ed76ccfb9f631cdc50c7af47.

Severity Level

LOW(3.3)

Published Date

May 29, 2026

Last Modified

May 29, 2026

Exploitation Status

UNKNOWN

Root Weakness (CWE)

CWE-125: Out-of-bounds Read ↗

The software reads data past the end, or before the beginning, of the intended buffer.

EPSS Score (30-Day)

0.01%Probability

CVSS v3.1 Base Metrics

Attack VectorLocal

Attack ComplexityLow

Privileges RequiredNone

User InteractionRequired

ScopeUnchanged

ConfidentialityLow

IntegrityNone

AvailabilityNone

External References

https://github.com/rizinorg/rizin/commit/e6d0937c8a083e23ed76ccfb9f631cdc50c7af47
https://github.com/rizinorg/rizin/security/advisories/GHSA-wprr-wrcw-mw6v