QSearchQSearch

CVE-2026-6942

9.8 CRITICAL

radare2-mcp version 1.6.0 and earlier contains an os command injection vulnerability that allows remote attackers to execute arbitrary co...

Published: 2026-04-23 · Last updated: 2026-06-04

Severity and scoring

CVSS
9.8 CRITICAL
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
CWE-78

Affected products

VendorProduct
radareradare2_mcp_server

Description

radare2-mcp version 1.6.0 and earlier contains an os command injection vulnerability that allows remote attackers to execute arbitrary commands by bypassing the command filter through shell metacharacters in user-controlled input passed to r2_cmd_str(). Attackers can inject shell metacharacters through the jsonrpc interface parameters to achieve remote code execution on the host running radare2-mcp without requiring authentication.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-8696 radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the GDB client core that allows remote atta... (7.5 HIGH)
  • CVE-2026-8695 radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_threads_list() function that allows remote attackers to trigger memory ... (7.5 HIGH)
  • CVE-2026-40527 radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj command path where crafted ELF binaries can ... (7.8 HIGH)

Same CWE

  • CVE-2026-46716 Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool (9.9 CRITICAL)
  • CVE-2026-42853 ApostropheCMS is an open-source Node.js content management system (6.5 MEDIUM)
  • CVE-2026-48165 MariaDB server is a community developed fork of MySQL server (8.0 HIGH)
  • CVE-2026-48163 MariaDB server is a community developed fork of MySQL server (8.0 HIGH)
  • CVE-2026-44170 MariaDB server is a community developed fork of MySQL server