CVE-2026-49497— National Security Agency Ghidra 路径遍历漏洞
Possible ATT&CK Techniques 1AI
T1550 · Use Alternate Authentication MaterialAffected Version Matrix 2
| ベンダー | プロダクト | Version Range | ステータス |
|---|---|---|---|
| nationalsecurityagency | ghidra | < 12.1 | affected |
12.1 | unaffected |
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2026-49497の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Ghidra < 12.1 - Path Traversal via .gnu_debuglink in DWARF External Debug File Resolution
ソース: NVD (National Vulnerability Database)
脆弱性説明
Ghidra before 12.1 contains a path traversal vulnerability in SameDirDebugInfoProvider that fails to validate filenames from ELF binary .gnu_debuglink sections before constructing file paths. Attackers can craft malicious ELF binaries with traversal sequences to probe filesystem existence and leak CRC32 hashes of arbitrary files during automatic DWARF analysis.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
对路径名的限制不恰当(路径遍历)
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
National Security Agency Ghidra 路径遍历漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
National Security Agency Ghidra是美国国家安全局(National Security Agency)的一款软件逆向工程(SRE)框架。 National Security Agency Ghidra 12.1之前版本存在路径遍历漏洞,该漏洞源于SameDirDebugInfoProvider在从ELF二进制.gnu_debuglink部分构建文件路径前未验证文件名,攻击者可制作包含遍历序列的恶意ELF二进制文件,在自动DWARF分析期间探测文件系统存在性并泄露任意文件的CRC
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| nationalsecurityagency | ghidra | 0 ~ 12.1 | - |
II. CVE-2026-49497の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2026-49497のインテリジェンス情報
请登录查看更多情报信息。
CVE-2026-49497 厂商安全公告 (2)
Same Patch Batch · nationalsecurityagency · 2026-06-10 · 14 CVEs total
| CVE-2026-52751 | 8.8 HIGH | Ghidra < 12.1 - Remote Code Execution via Unfiltered RMI Deserialization in Shared Project |
| CVE-2026-52758 | 8.8 HIGH | Ghidra < 12.1 - SQL Injection via Unescaped Filter Values in BSim Search |
| CVE-2026-52754 | 8.8 HIGH | Ghidra < 12.1 - Authentication Bypass via Null Signature in PKIAuthenticationModule |
| CVE-2026-49498 | 8.8 HIGH | Ghidra 11.0 < 12.1 - SQL Injection in PostgreSQL Password Change via Unescaped Username |
| CVE-2026-52755 | 7.8 HIGH | Ghidra < 12.0.4 - Path Traversal via Zip Slip in Theme Import |
| CVE-2026-52750 | 7.8 HIGH | Ghidra < 12.1- Command Injection via URL Annotation Click |
| CVE-2026-52752 | 7.8 HIGH | Ghidra < 12.0.2 - Path Traversal in Extension Installer via ZIP Entry Names |
| CVE-2026-49496 | 6.1 MEDIUM | Ghidra < 12.1 - Heap-Use-After-Free in SleighBuilder::generatePointerAdd via Vector Reallo |
| CVE-2026-52753 | 5.5 MEDIUM | Ghidra < 12.0.3 - Out-of-Memory in Rust Symbol Demangler via Malformed Symbol |
| CVE-2026-49495 | 5.5 MEDIUM | Ghidra 10.2 < 12.1 - Denial of Service via Circular Reference in Mach-O Export Trie Parser |
| CVE-2026-52756 | 4.8 MEDIUM | Ghidra < 12.2 - Unauthenticated Path Traversal in Debugger ISF Server |
| CVE-2026-52757 | 4.4 MEDIUM | Ghidra < 12.1 - Heap-use-after-free in HighVariable::merge() during decompilation |
| CVE-2024-58350 | 2.9 LOW | Ghidra < 11.2 - Use After Free in Sleigh Backend via Static Initialization Order |
IV. 関連脆弱性
同じ製品: ghidra
- CVE-2026-52759
Ghidra < 12.1.1 - Denial of Service via Uncontrolled Memory - CVE-2026-52758
Ghidra < 12.1 - SQL Injection via Unescaped Filter Values in - CVE-2026-52757
Ghidra < 12.1 - Heap-use-after-free in HighVariable::merge() - CVE-2026-52756
Ghidra < 12.2 - Unauthenticated Path Traversal in Debugger I - CVE-2026-52755
Ghidra < 12.0.4 - Path Traversal via Zip Slip in Theme Impor
同じベンダー: nationalsecurityagency
- CVE-2026-52758
Ghidra < 12.1 - SQL Injection via Unescaped Filter Values in - CVE-2026-52757
Ghidra < 12.1 - Heap-use-after-free in HighVariable::merge() - CVE-2026-52756
Ghidra < 12.2 - Unauthenticated Path Traversal in Debugger I - CVE-2026-52755
Ghidra < 12.0.4 - Path Traversal via Zip Slip in Theme Impor - CVE-2026-52754
Ghidra < 12.1 - Authentication Bypass via Null Signature in
同じ弱点: CWE-22
- CVE-2026-20181
Cisco Identity Services Engine Remote Code Execution Vulnera - CVE-2026-53872
picklescan - Arbitrary File Read via Unsafe Pickle Deseriali - CVE-2025-69128
WordPress JobCareer theme <= 7.3 - Arbitrary File Deletion v - CVE-2026-52716
WordPress WorkScout-Core plugin <= 1.7.11 - Arbitrary File D - CVE-2026-54193
WordPress Fusion Builder plugin <= 3.15.4 - Arbitrary File D
V. CVE-2026-49497へのコメント
まだコメントはありません