CVE-2026-52757 | NationalSecurityAgency Ghidra up to 12.0 HighVariable::merge use after free

June 10, 2026 Yanac

A vulnerability marked as critical has been reported in NationalSecurityAgency Ghidra up to 12.0. The impacted element is the function HighVariable::merge. The manipulation leads to use after free.

This vulnerability is uniquely identified as CVE-2026-52757. Local access is required to approach this attack. No exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More