CVE-2026-8696 · CRITICAL 9.8 · EPSS p44.1%

Description

radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability by causing qsThreadInfo to fail after qfThreadInfo successfully allocates RDebugPid structures, resulting in double-free memory corruption when the error path attempts to clean up the list.

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.60% probability of exploitation · percentile 44.1% · 2026-06-19T12:03:05Z
Published: 2026-05-15
Last modified: 2026-05-19

Underlying weaknesses · 1

CWE-416

References

  1. https://github.com/radareorg/radare2/commit/c213ad6894a1eb9086ac8bf5fae35757e9e1683c
  2. https://github.com/radareorg/radare2/issues/25836
  3. https://www.vulncheck.com/advisories/radare2-use-after-free-via-gdbr-pids-list

Type | Target | Confidence | Tier
Weakness | Use After Free (cwe-416) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE-2026-8695
CVE-2025-1864
CVE-2025-1744
CVE-2026-40527
CVE-2026-23669
CVE-2026-6942

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.