cvedb.io
CVE-2026-52755
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2026-06-10T14:16:35.747 · Last modified 2026-06-17T10:57:52.807

Summary

Ghidra before 12.0.4 contains a path traversal vulnerability in the theme import functionality that allows attackers to write files outside the intended theme directory. Attackers can craft malicious theme ZIP files with traversal sequences in filenames to execute arbitrary code or modify sensitive files like .bashrc or .ssh/authorized_keys.

Affected products

nsa — ghidra

Does this affect you?

Add your gear to cvedb and we'll alert you only when nsa ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.