3 matches found
CVE-2026-52757
Ghidra before 12.1 contains a heap-use-after-free vulnerability in the decompiler's HighVariable::merge function during the variable merging pass. Attackers can trigger this vulnerability by crafting a binary that causes stale pointers in the HighIntersectTest::highedgemap cache to be dereference...
EUVD-2026-36016
Ghidra before 12.1 contains a heap-use-after-free vulnerability in the decompiler's HighVariable::merge function during the variable merging pass. Attackers can trigger this vulnerability by crafting a binary that causes stale pointers in the HighIntersectTest::highedgemap cache to be dereference...
PT-2026-48417
Name of the Vulnerable Software and Affected Versions Ghidra versions prior to 12.1 Description A heap-use-after-free issue exists in the decompiler's HighVariable::merge function during the variable merging pass. This occurs when a user opens a specially crafted binary in the decompiler view,...