CVE-2026-52755EPSS p5.5%

CVE-2026-52755CVE-2026-52755

nsa / ghidra

Description

Ghidra before 12.0.4 contains a path traversal vulnerability in the theme import functionality that allows attackers to write files outside the intended theme directory. Attackers can craft malicious theme ZIP files with traversal sequences in filenames to execute arbitrary code or modify sensitive files like .bashrc or .ssh/authorized_keys.

Scoring

CVSS 7.8 ()
VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS0.16% probability of exploitation · percentile 5.5% · 2026-06-18T12:00:27Z
Last modified2026-06-11

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-52752
CVE
CVE-2026-52756
CVE
CVE-2026-49497
CVE
CVE-2026-52750
CVE
CVE-2026-52754
CVE
CVE-2026-52751
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.