CVE-2026-45613 LOW

CVE-2026-45613: Rizin: Heap-buffer-overflow in OMF parser

Vendor Rizinorg
Product rizin
Weakness CWE-125
Published May 29, 2026
Last update June 1, 2026

CVSS base score

3.3/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability is fixed by commit e6d0937c8a083e23ed76ccfb9f631cdc50c7af47.

Key dates

02Disclosure timeline

May 29, 2026 CVE published
June 1, 2026 Record updated