CVE Catalog

CVE-2026-52752

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.02%

6th percentile - higher than 6% of all known CVEs

Summary

Ghidra before 12.0.2 contains a path traversal vulnerability in the extension installer that fails to validate ZIP entry names during extraction. Attackers can craft malicious extensions with traversal sequences, allowing arbitrary file writes outside the intended directory.

Risk Assessment

This vulnerability could lead to arbitrary code execution on the system, posing a significant security risk to the organization.

Recommendation

It is recommended to update Ghidra to version 12.0.2 or later to mitigate this vulnerability.

Original NVD description (English source)

Ghidra before 12.0.2 contains a path traversal vulnerability in the extension installer that fails to validate ZIP entry names during extraction. Attackers can craft malicious extensions with traversal sequences like ../ in filenames to write arbitrary files outside the intended directory, enabling code execution.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS