3 matches found
CVE-2026-52754
Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate that allows any user with a valid CA-signed certificate to impersonate other users by presenting their public certificate with a null signature. Attackers can escalate privileges, modify...
CVE-2026-52754
Ghidra prior to 12.1 is affected by an authentication bypass in PKIAuthenticationModule.authenticate(). An attacker presenting a valid CA-signed certificate with a null signature can impersonate other users, enabling privilege escalation. Documented impacts include modifying repository access con...
EUVD-2026-36013
Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate that allows any user with a valid CA-signed certificate to impersonate other users by presenting their public certificate with a null signature. Attackers can escalate privileges, modify...