Severity: HIGH | CVE-2026-52750 | CNA: VulnCheck

CVE-2026-52750: Ghidra < 12.1 - Command Injection via URL Annotation Click

Ghidra before 12.1 contains a command injection vulnerability in URL annotation handling on Windows where cmd.exe metacharacters are not properly escaped. Attackers can execute arbitrary commands under the Ghidra user's privileges by embedding malicious URLs in program comments that victims click.

Metrics

CVSS v4.0: 7.3
Severity: HIGH
Fixed in: 12.1
Affected Products: 1


HarborGuard Analysis

Synopsis

Command injection in Ghidra (versions before 12.1) allows an attacker to run arbitrary operating system commands by embedding malicious URLs in program comments. The vulnerability is local and requires a victim to click an annotated URL inside the Ghidra interface; it is reachable only when cmd.exe metacharacters appear in a comment that a user opens. Successful exploitation lets the attacker execute arbitrary commands with the privileges of the Ghidra user, with high impact to confidentiality, integrity, and availability of the local system. A patched-image rebuild at version 12.1 is available on HarborGuard for affected environments.

HarborGuard Coverage

Detection

Detection of CVE-2026-52750 is available across every HarborGuard environment; the CVE is ingested from upstream feeds within minutes of publication and matched against all customer images, including custom-built images that bundle Ghidra. Any image carrying a Ghidra installation below 12.1 is flagged automatically.

Status: Available

Triage

HarborGuard scores this CVE at 7.3 HIGH (CVSS v4.0) and weights it against each environment's compliance policy to determine queue priority and routing. Findings are dispatched to the appropriate team inbox within each customer organization based on configured ownership rules.

Status: Available

Patch

A patched-image rebuild at Ghidra 12.1 becomes available on HarborGuard for any image found to carry an affected version. For customers with auto-remediation enabled, HarborGuard rebuilds the image, runs a regression test suite, and opens a pull request against affected workloads automatically.

Status: Available

Exploit Conditions

  • Network reachability: Not required

    The attacker does not need network access; exploitation requires an existing presence on the host or the ability to plant malicious content (such as a crafted binary with embedded comments) that the local user opens in Ghidra.

  • Authentication: Not required

    No account or credential is needed to embed the malicious URL payload; the attacker only needs a way to get a crafted file in front of the victim.

  • Victim interaction: Required

    The victim must click an annotated URL inside the Ghidra interface for the injected command to execute, making this a social-engineering-dependent attack path.

  • Attack complexity: Detail

    Attack complexity is rated High (AC:H), meaning the exploit depends on specific preconditions; AT:P indicates that a particular target configuration must be present, so the exploit is not reliably triggered in every environment.

Blast Radius

  • Executes arbitrary commands as the Ghidra user, giving the attacker full control over any process or file accessible to that account.
  • Reads files, environment variables, and secrets accessible to the Ghidra process, including API keys, SSH keys, or cached credentials stored on the analyst workstation.
  • Modifies or deletes files on the local system, including Ghidra project data, reverse-engineering artifacts, and any other user-writable content.
  • Crashes or disrupts the Ghidra session and any dependent tooling running under the same user account.

How HarborGuard Handles This

Available on HarborGuard: any image carrying Ghidra below version 12.1 is matched against this CVE within minutes of ingestion and flagged at HIGH severity (CVSS 7.3 v4.0). For customers with auto-remediation enabled, HarborGuard rebuilds the image at Ghidra 12.1, runs a regression test pass, and opens a pull request against affected workloads; median time from CVE publication to merged patch PR for high-severity issues is around 90 minutes in environments with auto-remediation enabled. Where compliance policy requires manual approval, the rebuild is queued and the finding is routed to the configured team inbox for review. Because this vulnerability requires a victim to click a crafted URL inside Ghidra, immediate compensating controls for environments that cannot yet update include restricting ingestion of untrusted Ghidra project files and reminding analysts not to click URL annotations in files received from external or untrusted sources.
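
A pre-ingestion screen supporting the compensating control above, as an added example that is not HarborGuard's or Ghidra's own code: it flags URL annotations in exported comment text whose URL contains characters that cmd.exe treats specially. The `{@url ...}` annotation form, the two character sets, the function names and the address-to-comment export format are assumptions, since the page specifies none of them.

```python
import re

# Assumption: URL annotations in comments take the form {@url <url> [display text]}.
ANNOTATION = re.compile(r'\{@url\s+([^}]*)\}', re.IGNORECASE)
FIRST_ARG = re.compile(r'"([^"]*)"|(\S+)')  # quoted or bare first argument

# Assumption: the advisory does not list the characters involved. These are
# characters cmd.exe treats specially, split by whether RFC 3986 allows them raw.
NEVER_IN_URL = set('|<>^"')       # not legal unencoded in a URL: strong signal
LEGAL_BUT_SPECIAL = set('&%()!')  # legal in URLs, special to cmd.exe: needs review


def screen_comment(comment):
    """Return one finding per URL annotation that contains cmd.exe metacharacters."""
    findings = []
    for m in ANNOTATION.finditer(comment):
        arg = FIRST_ARG.match(m.group(1).strip())
        if not arg:
            continue
        url = arg.group(1) if arg.group(1) is not None else arg.group(2)
        strong = sorted(NEVER_IN_URL & set(url))
        weak = sorted(LEGAL_BUT_SPECIAL & set(url))
        if strong:
            findings.append({"url": url, "level": "block", "chars": strong + weak})
        elif weak:
            findings.append({"url": url, "level": "review", "chars": weak})
    return findings


def screen_export(comments):
    """comments: mapping of address -> comment text dumped from a project."""
    report = {}
    for addr, text in comments.items():
        hits = screen_comment(text)
        if hits:
            report[addr] = hits
    return report


# Constructed sample comments (not taken from any real project).
SAMPLE = {
    "00401000": 'See {@url "https://example.org/docs/api" "API docs"}',
    "00401020": '{@url "https://example.org/search?q=a&lang=en" "search"}',
    "00401040": '{@url https://example.org/x|placeholder ref}',
}

if __name__ == "__main__":
    for addr, hits in screen_export(SAMPLE).items():
        for h in hits:
            print(addr, h["level"], h["chars"], h["url"])
```

The `review` level exists because `&` and `%` appear in ordinary query strings, so those hits need a human look rather than automatic rejection.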


Fix available: 12.1

Affected packages
  • nationalsecurityagency / ghidra
    < 12.1 (from 0)
    Fixed in 12.1
CVSS Vector
CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N