Path traversal in Ghidra - #VU131576

 


Published: May 15, 2026


Vulnerability identifier: #VU131576
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-22
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: National Security Agency
Affected software:
Ghidra

Detailed vulnerability description

The vulnerability allows a remote attacker to disclose sensitive information.

The vulnerability exists due to path traversal in SameDirDebugInfoProvider when processing a crafted ELF binary with a .gnu_debuglink filename during automatic DWARF analysis. A remote attacker can supply a specially crafted ELF binary to disclose sensitive information.

User interaction is required to open the crafted ELF binary, and in headless analysis environments the resulting log output may be captured and returned to the submitter.
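
A pre-analysis screen for the condition described above, as an added example (not Ghidra's code or the vendor's fix): it reads the `.gnu_debuglink` section of a submitted ELF and rejects any name that is not a bare file name, which is what the debuglink format expects. The function names are hypothetical, only ELF64 little-endian files are handled, and the sample inputs are constructed.

```python
import struct

SHDR = struct.Struct("<IIQQQQIIQQ")  # ELF64 little-endian section header

def debuglink_name(elf: bytes):
    """Return the .gnu_debuglink file name from an ELF64-LE image, or None."""
    if elf[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not an ELF64 little-endian file")
    (shoff,) = struct.unpack_from("<Q", elf, 0x28)
    shentsize, shnum, shstrndx = struct.unpack_from("<HHH", elf, 0x3A)
    hdrs = [SHDR.unpack_from(elf, shoff + i * shentsize) for i in range(shnum)]
    str_off = hdrs[shstrndx][4]                     # sh_offset of .shstrtab
    for sh in hdrs:
        start = str_off + sh[0]                     # sh_name indexes .shstrtab
        if elf[start:elf.index(b"\0", start)] == b".gnu_debuglink":
            data = elf[sh[4]:sh[4] + sh[5]]         # sh_offset, sh_size
            # Payload layout: NUL-terminated name, padding to 4 bytes, CRC32.
            return data.split(b"\0", 1)[0].decode("utf-8", "replace")
    return None

def is_plain_filename(name: str) -> bool:
    """True only for a bare file name: no separators, drive prefix or dot entry."""
    return bool(name) and name not in (".", "..") and not any(c in name for c in "/\\:")

def screen(elf: bytes) -> str:
    """Verdict for an intake queue: ok, no-debuglink, reject or unparsed."""
    try:
        name = debuglink_name(elf)
    except (ValueError, IndexError, struct.error):
        return "unparsed"
    if name is None:
        return "no-debuglink"
    return "ok" if is_plain_filename(name) else "reject"

def build_sample(link: bytes) -> bytes:
    """Constructed input: ELF64 header and two sections only, not a runnable binary."""
    strtab = b"\0.shstrtab\0.gnu_debuglink\0"
    payload = link + b"\0" * (1 + -(len(link) + 1) % 4) + b"\0" * 4  # CRC32 left zero
    s_off, p_off = 64, 64 + len(strtab)
    ehdr = b"\x7fELF\x02\x01\x01" + b"\0" * 9 + struct.pack(
        "<HHIQQQIHHHHHH", 1, 62, 1, 0, 0, p_off + len(payload), 0, 64, 0, 0, 64, 3, 1)
    shdrs = (SHDR.pack(*[0] * 10)
             + SHDR.pack(1, 3, 0, 0, s_off, len(strtab), 0, 0, 1, 0)
             + SHDR.pack(11, 1, 0, 0, p_off, len(payload), 0, 0, 4, 0))
    return ehdr + strtab + payload + shdrs

if __name__ == "__main__":
    for link in (b"app.debug", b"../other/app.debug"):   # constructed names
        print(link, "->", screen(build_sample(link)))
```

Files that come back as `reject` or `unparsed` can be held for manual review instead of being passed to automatic or headless analysis.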


Remediation

Install the security update from the vendor's website.
