CVE-2026-45324

Published: Mag 29, 2026 Last Modified: Mag 29, 2026

ExploitDB:

Other exploit source:

Google Dorks:

LOW 3,3

Source: [email protected]

Attack Vector: physical

Attack Complexity: high

Privileges Required: low

User Interaction: required

Scope: changed

Confidentiality: none

Integrity: low

Availability: low

Description

AI Translation Available

Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search() due wrong pointer ownership declared. This vulnerability is fixed by commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe.

415

Double Free

Draft

Abstraction: Variant Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Confidentiality Availability

Potential Impacts:

Modify Memory Execute Unauthorized Code Or Commands

Applicable Platforms

Languages: Memory-Unsafe, C, C++

Likelihood of Exploit: High

View CWE Details

https://github.com/rizinorg/rizin/commit/045fff363b42b8a6dd…

https://github.com/rizinorg/rizin/commit/045fff363b42b8a6dda8ad5229c29ec3267e7d…

https://github.com/rizinorg/rizin/security/advisories/GHSA-…

https://github.com/rizinorg/rizin/security/advisories/GHSA-2377-chx7-xf7c

CVE-2026-45324

Description

Double Free

Common Consequences

Applicable Platforms

Iscriviti alla newsletter