CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-49496

Ghidra before 12.1 contains a heap-use-after-free vulnerability in SleighBuilder::generatePointerAdd caused by iterator invalidation when PcodeCacher::allocateInstruction reallocates the issued vector. Attackers can trigger memory corruption by decompiling malicious binaries through the public Sleigh::oneInstruction C++ API, affecting downstream SLEIGH library consumers.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 2.2%

CVSS Severity

CVSS v3 Score 6.1

References

https://github.com/NationalSecurityAgency/ghidra/commit/8a3018d5efcb07d2ec40bacdd6063cb6f01c8edf
https://github.com/NationalSecurityAgency/ghidra/security/advisories/GHSA-gqh9-2c72-wpjc
https://www.vulncheck.com/advisories/ghidra-heap-use-after-free-in-sleighbuilder-generatepointeradd-via-vector-reallocation
https://github.com/NationalSecurityAgency/ghidra/security/advisories/GHSA-gqh9-2c72-wpjc

Products affected by CVE-2026-49496

Nsa » Ghidra » Version: Any

cpe:2.3:a:nsa:ghidra:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-49496

Products

Pricing

Contact Us