cvedb.io
CVE-2026-52758
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2026-06-10T14:16:36.170 · Last modified 2026-06-17T10:57:53.167

Summary

Ghidra before 12.1 contains a SQL injection vulnerability in BSim filter types that concatenate user-supplied values directly into SQL queries without escaping or parameterization. Remote attackers can inject arbitrary SQL via the BSim network query protocol to read, modify, or delete data in the PostgreSQL database.

Affected products

nsa — ghidra

Does this affect you?

Add your gear to cvedb and we'll alert you only when nsa ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.