Is there a public PoC exploit available for CVE-2026-6940?

Yes, a public proof-of-concept exploit is available for CVE-2026-6940. Prioritise patching immediately. EPSS: 0.0%.

Is there a patch available for CVE-2026-6940?

Yes, a patch is available for CVE-2026-6940. Update the affected software to the latest version immediately.

CVE-2026-6940

Q: What is the CVSS score of CVE-2026-6940?

CVE-2026-6940 has a CVSS 4.0 base score of 6.9 (Medium). CVSS vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-25301 MEDIUM

Path Traversal (CWE-22)

2026-04-23 VulnCheck

GHSA-x2x5-gj4j-p6qw

Path Traversal

6.9

CVSS 4.0

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

PoC Detected

Apr 27, 2026 - 14:56 vuln.today

Public exploit code

Patch released

Apr 27, 2026 - 14:56 nvd

Patch available

Apr 23, 2026 - 22:16 EUVD

Severity Changed

Apr 23, 2026 - 21:27 NVD

HIGH MEDIUM

CVSS changed

Apr 23, 2026 - 21:27 NVD

7.1 (HIGH) 6.9 (MEDIUM)

EUVD ID Assigned

Apr 23, 2026 - 21:00 euvd

EUVD-2026-25301

CVE Published

Apr 23, 2026 - 20:26 nvd

MEDIUM 6.9

DescriptionNVD

radare2 prior to 6.1.4 contains a path traversal vulnerability in project deletion that allows local attackers to recursively delete arbitrary directories by supplying absolute paths that escape the configured dir.projects root directory. Attackers can craft absolute paths to project marker files outside the project storage boundary to cause recursive deletion of attacker-chosen directories with permissions of the radare2 process, resulting in integrity and availability loss.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-6940 vulnerability details – vuln.today

Back

CVE-2026-6940

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

Analysis

Analysis

Full analysis requires sign-in

Share

CVE-2026-6940

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

Analysis

Full analysis requires sign-in

Share

External POC / Exploit Code