Unrated severityNVD Advisory· Published Nov 14, 2025· Updated Nov 14, 2025

CVE-2025-63745

Description

A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_ne.c. A crafted binary input can trigger a segmentation fault, leading to a denial of service when the tool processes malformed data.

Affected products

radare2/radare2description
Radare/Radare2llm-fuzzy
Range: <=6.0.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-001-radare2-nullptr-deref-bin_ne.mdmitre
github.com/marlinkcyber/advisories/blob/main/advisories/radare2-nullptr-deref-bin_ne.mdmitre
github.com/radareorg/radare2/commit/6c5df3f8570d4f0c360681c08241ad8af3b919fdmitre
github.com/radareorg/radare2/issues/24660mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000