Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2026-52751

CVE-2026-52751: Ghidra Unsafe Deserialization RCE Flaw

CVE-2026-52751 is an unsafe deserialization vulnerability in Ghidra before version 12.1 that enables unauthenticated remote code execution via malicious project files. This article covers technical details, risk assessment, and remediation.

Published:

CVE-2026-52751 Overview

CVE-2026-52751 is an unsafe deserialization vulnerability [CWE-502] in Ghidra versions before 12.1. The flaw resides in the client-side Shared-Project Remote Method Invocation (RMI) connection code. Attackers can craft a malicious project file containing a ghidra:// URL that triggers deserialization of untrusted objects when a victim opens it through File → Open Project. The deserialization process leverages a Jython 2.7.4 gadget chain to execute arbitrary commands on the victim's host. Exploitation requires user interaction but no authentication, enabling unauthenticated remote code execution against reverse engineers and malware analysts who use Ghidra.

Critical Impact

Successful exploitation grants arbitrary command execution on the analyst's workstation, exposing source code, samples, and credentials in the user's context.

Affected Products

  • Ghidra versions prior to 12.1
  • Ghidra Shared-Project RMI client component
  • Installations using bundled Jython 2.7.4

Discovery Timeline

  • 2026-06-10 - CVE-2026-52751 published to the National Vulnerability Database (NVD)
  • 2026-06-10 - Last updated in NVD database

Technical Details for CVE-2026-52751

Vulnerability Analysis

Ghidra's Shared-Project feature allows analysts to collaborate over RMI. The client connection code deserializes Java objects received during connection setup without filtering classes against an allowlist. An attacker who controls the RMI endpoint referenced by a ghidra:// URL can return arbitrary serialized payloads. Because Ghidra ships with Jython 2.7.4 on its classpath, the attacker can construct a gadget chain that ends in java.lang.Runtime.exec or equivalent command execution. The result is code execution with the privileges of the Ghidra process.

The attack chain depends on the victim opening a malicious project file. Project files can embed a ghidra:// URL that is followed automatically during the File → Open Project workflow, removing the need for additional victim steps once the file is opened.

Root Cause

The root cause is the absence of a deserialization filter (such as ObjectInputFilter) on the RMI client socket. Java RMI uses native serialization by default, and any class reachable on the classpath is a candidate for instantiation. Bundling Jython provides a well-known gadget chain that converts deserialization into command execution.

Attack Vector

The attack vector is network-based with required user interaction. An attacker hosts a malicious RMI server and distributes a crafted Ghidra project file referencing it via ghidra://. When the analyst opens the project, the client connects to the attacker server and deserializes the returned payload, leading to command execution under the analyst's account.

No synthetic exploit code is published here. Refer to the VulnCheck Advisory and the GitHub Security Advisory GHSA-fgg5-g275-7742 for technical details on the gadget chain and patched code paths.

Detection Methods for CVE-2026-52751

Indicators of Compromise

  • Ghidra project files received from untrusted sources containing ghidra:// URLs pointing to external hosts
  • Outbound TCP connections from the Ghidra Java process to unexpected RMI ports (typically 1099 or high ephemeral ports)
  • Child processes spawned by the Ghidra JVM that are not part of normal analysis workflow, such as sh, cmd.exe, powershell.exe, or python

Detection Strategies

  • Inspect process trees for the Ghidra Java executable launching command interpreters or scripting hosts
  • Monitor for Java RMI traffic originating from analyst workstations to external networks
  • Hunt for newly created Ghidra project archives on shared drives or email gateways and review embedded URLs

Monitoring Recommendations

  • Log execution of ghidraRun and the underlying java process with full command lines and parent-child relationships
  • Alert on EDR telemetry showing the Ghidra JVM writing executables or scheduled tasks
  • Capture network flows from analyst subnets to identify unexpected RMI or JRMP connections

How to Mitigate CVE-2026-52751

Immediate Actions Required

  • Upgrade Ghidra to version 12.1 or later on all analyst workstations
  • Block opening of Ghidra project files received from untrusted email, chat, or web sources until patched
  • Restrict outbound network access from reverse-engineering workstations to known-good RMI endpoints only

Patch Information

The vulnerability is fixed in Ghidra 12.1. The upstream fix is tracked in the Ghidra GitHub commit 91a26910 and documented in GHSA-fgg5-g275-7742. The patch adds filtering to the Shared-Project RMI client deserialization path so that untrusted classes cannot be instantiated.

Workarounds

  • Do not open Ghidra project files (.gpr, .rep) sourced from third parties on a patched-only basis
  • Disable or avoid the Shared-Project feature until the upgrade is applied
  • Run Ghidra inside an isolated virtual machine or container with no outbound network access to limit blast radius
  • Use host firewall rules to block the Ghidra JVM from initiating outbound RMI connections
bash
# Verify installed Ghidra version and upgrade
./ghidraRun --version
# Download Ghidra 12.1+ from the official release page and replace the install directory
# Example firewall rule (Linux nftables) to block outbound RMI from analyst host
nft add rule inet filter output tcp dport {1098,1099,1100} drop

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.