Ghidra < 12.0.4 - Path Traversal via Zip Slip in...

8.4 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Ghidra before 12.0.4 contains a path traversal vulnerability in the theme import functionality that allows attackers to write files outside the intended theme directory. Attackers can craft malicious theme ZIP files with traversal sequences in filenames to execute arbitrary code or modify sensitive files like .bashrc or .ssh/authorized_keys.

Basic Information

ID CVE-2026-52755

Source VulnCheck

Published Jun 10, 2026 at 12:41

Affected Product

Vendor nationalsecurityagency

Product ghidra

Affected Versions nationalsecurityagency ghidra 0

CWE Classification

CWE-22

References

{
    "lastseen": "",
    "description": "Ghidra before 12.0.4 contains a path traversal vulnerability in the theme import functionality that allows attackers to write files outside the intended theme directory. Attackers can craft malicious theme ZIP files with traversal sequences in filenames to execute arbitrary code or modify sensitive files like .bashrc or .ssh/authorized_keys.",
    "published": "2026-06-10T12:41:11.913Z",
    "modified": "2026-06-10T12:41:11.913Z",
    "type": "cve",
    "title": "Ghidra < 12.0.4 - Path Traversal via Zip Slip in Theme Import",
    "source": "VulnCheck",
    "references": "https://github.com/NationalSecurityAgency/ghidra/security/advisories/GHSA-3r55-xjr4-jh8f\nhttps://www.vulncheck.com/advisories/ghidra-path-traversal-via-zip-slip-in-theme-import",
    "id": "CVE-2026-52755",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "nationalsecurityagency ghidra 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.4,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ghidra",
    "version": "0",
    "vendor": "nationalsecurityagency",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Ghidra < 12.0.4 - Path Traversal via Zip Slip in Theme Import_CVE-2026-52755