CVE-2026-52758EPSS p22.4%

CVE-2026-52758CVE-2026-52758

nsa / ghidra

Description

Ghidra before 12.1 contains a SQL injection vulnerability in BSim filter types that concatenate user-supplied values directly into SQL queries without escaping or parameterization. Remote attackers can inject arbitrary SQL via the BSim network query protocol to read, modify, or delete data in the PostgreSQL database.

Scoring

CVSS 8.8 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.31% probability of exploitation · percentile 22.4% · 2026-06-18T12:00:27Z
Last modified2026-06-11

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-49498
CVE
CVE-2026-52750
CVE
CVE-2026-52754
CVE
CVE-2026-52753
CVE
CVE-2026-52756
CVE
CVE-2026-52757
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.