CVE-2026-49496 | NationalSecurityAgency Ghidra up to 12.0 generatePointerAdd use after free

June 10, 2026 Yanac

A vulnerability was found in NationalSecurityAgency Ghidra up to 12.0. It has been rated as critical. This vulnerability affects the function SleighBuilder::generatePointerAdd. This manipulation causes use after free.

This vulnerability appears as CVE-2026-49496. The attack requires local access. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More