CVE Database · CVE-2026-45324
CVSS v3.1
3.3
EPSS
0.10%
Published
May 29, 2026
Modified
May 29, 2026
Public PoC / Exploit
All weaponized →No public PoC or exploit code indexed for this CVE.
Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search() due wrong pointer ownership declared. This vulnerability is fixed by commit 045fff363b42b8a6dda8ad5229c29ec3267e7dbe.
CVSS Vector
CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:LWeaknesses (CWE)
References (2)