CVE-2026-52751

HIGH EPSS 48.9%
Published Jun 10, 20262w ago · Modified Jun 17, 20261w ago
8.6 CVSS 4.0
High
Find Similar
Published Jun 10, 2026 2w ago
Last Modified Jun 17, 2026 1w ago

Description

Ghidra before 12.1 contains an unsafe deserialization vulnerability in client-side Shared-Project RMI connection code that allows unauthenticated remote code execution. Attackers can craft a malicious project file with a ghidra:// URL that, when opened via File → Open Project, deserializes untrusted objects using a Jython 2.7.4 gadget chain to execute arbitrary commands.

CVSS Details

Base Score
8.6
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction A
Scope X

Threat Intelligence

EPSS Exploit Probability
48.9% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-502 Deserialization of Untrusted Data Validation

Affected Products 1

VendorProductVersionRange
nsaghidra* <12.1

References 3

  • github.com https://github.com/NationalSecurityAgency/ghidra/commit/91a269103fe5d133c14ec3afa60280dccb94be5c
    Patch
  • github.com https://github.com/NationalSecurityAgency/ghidra/security/advisories/GHSA-fgg5-g275-7742
    ExploitMitigationVendor Advisory
  • vulncheck.com https://www.vulncheck.com/advisories/ghidra-remote-code-execution-via-unfiltered-rmi-deserialization-in-shared-project-connection
    Third Party Advisory

Remediation

  • github.com https://github.com/NationalSecurityAgency/ghidra/commit/91a269103fe5d133c14ec3afa60280dccb94be5c
    Patch