A vulnerability described as problematic has been identified in radareorg radare2 up to 6.1.6. This impacts the function r_str_word_get0set of the file libr/util/str.c. The manipulation results in integer overflow.

This vulnerability is cataloged as CVE-2026-14786. The attack must be initiated from a local position. Furthermore, there is an exploit available.

It is best practice to apply a patch to resolve this issue.