CVE Catalog

CVE-2026-52759

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

2th percentile — higher than 2% of all known CVEs

Summary

Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause denial of service. An attacker can supply a crafted Mach-O binary with an arbitrarily large ncmds load command count value, forcing the parser to allocate excessive heap memory without validating file size, crashing the Ghidra JVM.

Risk Assessment

This vulnerability may lead to Ghidra system crashes, potentially disrupting organizational operations and hindering binary analysis.

Recommendation

It is recommended to update Ghidra to version 12.1.1 or later to mitigate this vulnerability and to monitor the system for unauthorized attempts to deliver malicious files.

Original NVD description (English source)

Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause denial of service. An attacker can supply a crafted Mach-O binary with an arbitrarily large ncmds load command count value, forcing the parser to allocate excessive heap memory without validating file size, crashing the Ghidra JVM.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS