{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-52758","assignerOrgId":"83251b91-4cc7-4094-a5c7-464a1b83ea10","state":"PUBLISHED","assignerShortName":"VulnCheck","dateReserved":"2026-06-08T15:20:09.274Z","datePublished":"2026-06-10T12:42:30.293Z","dateUpdated":"2026-06-10T13:41:02.636Z"},"containers":{"cna":{"providerMetadata":{"orgId":"83251b91-4cc7-4094-a5c7-464a1b83ea10","shortName":"VulnCheck","dateUpdated":"2026-06-10T12:42:30.293Z"},"title":"Ghidra < 12.1 - SQL Injection via Unescaped Filter Values in BSim Search","descriptions":[{"lang":"en","value":"Ghidra before 12.1 contains a SQL injection vulnerability in BSim filter types that concatenate user-supplied values directly into SQL queries without escaping or parameterization. Remote attackers can inject arbitrary SQL via the BSim network query protocol to read, modify, or delete data in the PostgreSQL database."}],"tags":["x_open-source"],"datePublic":"2026-05-14T00:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-89","description":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","type":"CWE"}]}],"affected":[{"vendor":"nationalsecurityagency","product":"ghidra","defaultStatus":"unaffected","versions":[{"version":"11.0","status":"affected","versionType":"custom","lessThan":"12.1"},{"version":"12.1","status":"unaffected","versionType":"custom"}],"repo":"https://github.com/nationalsecurityagency/ghidra"}],"cpeApplicability":[{"nodes":[{"operator":"OR","cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsa:ghidra:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0","versionEndExcluding":"12.1"}]}]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED","version":"4.0","baseSeverity":"HIGH","baseScore":8.7,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV3_1":{"attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","version":"3.1","baseSeverity":"HIGH","baseScore":8.8,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}],"references":[{"url":"https://github.com/NationalSecurityAgency/ghidra/security/advisories/GHSA-8r4f-65cr-fwxm","name":"GitHub Security Advisory (GHSA-8r4f-65cr-fwxm)","tags":["vendor-advisory"]},{"url":"https://www.vulncheck.com/advisories/ghidra-sql-injection-via-unescaped-filter-values-in-bsim-search","tags":["third-party-advisory"]}],"credits":[{"lang":"en","value":"Sean Nejad (@allsmog)","type":"reporter"}],"x_generator":{"engine":"vulncheck"}},"adp":[{"references":[{"url":"https://github.com/NationalSecurityAgency/ghidra/security/advisories/GHSA-8r4f-65cr-fwxm","tags":["exploit"]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-06-10T13:40:45.719936Z","id":"CVE-2026-52758","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-06-10T13:41:02.636Z"}}]}}