CVE-2026-52755

Source
https://cve.org/CVERecord?id=CVE-2026-52755
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-52755.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-52755
Aliases
  • GHSA-3r55-xjr4-jh8f
Published
2026-06-10T12:41:11.913Z
Modified
2026-07-08T08:14:02.740754837Z
Severity
  • 8.4 (High) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Summary
Ghidra < 12.0.4 - Path Traversal via Zip Slip in Theme Import
Details

Ghidra before 12.0.4 contains a path traversal vulnerability in the theme import functionality that allows attackers to write files outside the intended theme directory. Attackers can craft malicious theme ZIP files with traversal sequences in filenames to execute arbitrary code or modify sensitive files like .bashrc or .ssh/authorized_keys.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/52xxx/CVE-2026-52755.json",
    "cna_assigner": "VulnCheck",
    "cwe_ids": [
        "CWE-22"
    ]
}
References

Affected packages

Git / github.com/nationalsecurityagency/ghidra

Affected ranges

Type
GIT
Repo
https://github.com/nationalsecurityagency/ghidra
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE"
    ],
    "cpe": "cpe:2.3:a:nsa:ghidra:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "12.0.4"
        }
    ]
}

Affected versions

Ghidra_10.*
Ghidra_10.3_build
Ghidra_12.*
Ghidra_12.0.1_build
Ghidra_12.0.2_build
Ghidra_12.0.3_build
Ghidra_12.0_build
Ghidra_9.*
Ghidra_9.0.1_build

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-52755.json"