CVE-2026-52753 · EPSS p1.6%

nsa / ghidra

Description

Ghidra before 12.0.3 contains an out-of-memory vulnerability in the rust_demangle function that allocates unbounded output buffers without size limits. Attackers can craft malicious Rust symbol names in binaries to trigger exponential memory allocation, causing process crashes during binary analysis.

Scoring

CVSS: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS: 0.11% probability of exploitation · percentile 1.6% · 2026-06-18T12:00:27Z
Last modified: 2026-06-11

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE-2026-52757
CVE-2026-52759
CVE-2026-49496
CVE-2026-49495
CVE-2024-58350
CVE-2026-25276

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.