Description

Ghidra before 12.0.4 contains a path traversal vulnerability in the theme import functionality that allows attackers to write files outside the intended theme directory. Attackers can craft malicious theme ZIP files with traversal sequences in filenames to execute arbitrary code or modify sensitive files like .bashrc or .ssh/authorized_keys.
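An added example, not Ghidra's code or the advisory's: a pre-import check that lists the entries in a theme ZIP whose names would resolve outside the directory they are extracted into. The function names and the in-memory sample archive are constructed for illustration.

```python
import io
import posixpath
import zipfile
from pathlib import PureWindowsPath


def escapes_target(entry_name: str) -> bool:
    """True if extracting entry_name under a directory could land outside it."""
    # Treat backslashes as separators too: some extractors honour them.
    name = entry_name.replace("\\", "/")
    # Absolute, UNC or drive-qualified names ignore the extraction directory.
    if name.startswith("/") or PureWindowsPath(entry_name).drive:
        return True
    # Collapse "a/../b" style segments, then see whether the path still climbs.
    normalised = posixpath.normpath(name)
    return normalised == ".." or normalised.startswith("../")


def audit_theme_zip(data: bytes) -> list[str]:
    """Return the entry names in a ZIP archive that fail escapes_target()."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [i.filename for i in zf.infolist() if escapes_target(i.filename)]


# Constructed sample entry names; the two sensitive files are the ones the
# description mentions, the rest are invented for the test fixture.
SAMPLE_NAMES = [
    "themes/dark.theme",                 # ordinary entry
    "themes/../dark.theme",              # ".." that stays inside the directory
    "../../.bashrc",                     # climbs out
    "themes/../../.ssh/authorized_keys", # climbs out after a harmless prefix
    "/tmp/x",                            # absolute path
    "..\\..\\evil.txt",                  # backslash-separated traversal
]


def build_sample(names) -> bytes:
    """Build a constructed in-memory archive with the given entry names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(zipfile.ZipInfo(n), b"constructed sample content")
    return buf.getvalue()


if __name__ == "__main__":
    for bad in audit_theme_zip(build_sample(SAMPLE_NAMES)):
        print("entry escapes extraction directory:", bad)
```

The check is name-based only; it does not follow symlinks already present in the destination, so an extractor should still compare each resolved output path against the target directory.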

PUBLISHED Reserved 2026-06-08 | Published 2026-06-10 | Updated 2026-06-10 | Assigner VulnCheck




HIGH: 8.4 | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

HIGH: 7.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Problem types

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status: unaffected

Any version before 12.0.4: affected

12.0.4 (semver): unaffected

Credits

@PrasanthSundararajan69 (reporter)

References

github.com/...ghidra/security/advisories/GHSA-3r55-xjr4-jh8f exploit

github.com/...ghidra/security/advisories/GHSA-3r55-xjr4-jh8f (GitHub Security Advisory (GHSA-3r55-xjr4-jh8f)) vendor-advisory

www.vulncheck.com/...-traversal-via-zip-slip-in-theme-import third-party-advisory

cve.org (CVE-2026-52755)

nvd.nist.gov (CVE-2026-52755)