CVE-2026-22780 Common Vulnerabilities and Exposures

Upstream information

CVE-2026-22780 at MITRE

Description

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Prior to 0.8.2, a heap overflow can be exploited when a malicious mach0 file, having bogus entries for the dyld chained segments, is parsed by rizin. This vulnerability is fixed in 0.8.2.

SUSE information

Overall state of this security issue: Does not affect SUSE products

SUSE Bugzilla entry: 1257611 [NEW]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE Tumbleweed	`rizin >= 0.8.2-1.1` `rizin-common >= 0.8.2-1.1` `rizin-devel >= 0.8.2-1.1`	Patchnames: openSUSE-Tumbleweed-2026-10141

SUSE Timeline for this CVE

CVE page created: Tue Feb 3 02:02:39 2026
CVE page last modified: Fri May 8 11:58:05 2026