โ† Back to Dashboard

CVE-2026-52751

HIGH NVD
CVSS Score
8.8
Severity
HIGH
Source
NVD
Published
Jun 10, 2026
Description

Ghidra before 12.1 contains an unsafe deserialization vulnerability in client-side Shared-Project RMI connection code that allows unauthenticated remote code execution. Attackers can craft a malicious project file with a ghidra:// URL that, when opened via File โ†’ Open Project, deserializes untrusted objects using a Jython 2.7.4 gadget chain to execute arbitrary commands.

View Full Details โ† Back