ZeroPath at Black Hat USA 2026

Brief Summary: Ghidra Theme Import Zip Slip Path Traversal (CVE-2026-52755)

A short review of CVE-2026-52755, a high severity Zip Slip path traversal vulnerability in Ghidra's theme import functionality that allows arbitrary file writes outside the intended directory, potentially leading to code execution via crafted ZIP files.

CVE Analysis

9 min read

ZeroPath CVE Analysis
ZeroPath CVE Analysis

2026-06-10

Brief Summary: Ghidra Theme Import Zip Slip Path Traversal (CVE-2026-52755)
Experimental AI-Generated Content

This CVE analysis is an experimental publication that is completely AI-generated. The content may contain errors or inaccuracies and is subject to change as more information becomes available. We are continuously refining our process.

If you have feedback, questions, or notice any errors, please reach out to us.

[email protected]

Introduction

The NSA's Ghidra reverse engineering framework, a tool used daily by malware analysts and security researchers to dissect untrusted binaries, contains a path traversal vulnerability in its theme import feature that allows an attacker to write arbitrary files to a victim's filesystem. The irony is hard to miss: a tool built to analyze threats can itself become the attack vector, and this is the second time the same class of vulnerability (Zip Slip) has appeared in Ghidra's codebase.

Technical Information

Root Cause

CVE-2026-52755 is classified under CWE-22: Improper Limitation of a Pathname to a Restricted Directory. The vulnerable code resides in Ghidra/Framework/Docking/src/main/java/docking/theme/gui/ThemeUtils.java, where ZIP entry names are used directly to construct file paths without any validation against the intended extraction root directory.

When a user imports a theme via the menu path Edit -> Theme -> Import, Ghidra extracts the contents of a theme ZIP file to the theme directory. The extraction logic, however, does not verify whether the resolved path of each ZIP entry actually falls within the target directory boundary. This is the textbook Zip Slip pattern: if a ZIP entry contains ../ sequences in its filename, the extracted file lands outside the intended directory.

CVSS Scoring

The vulnerability carries multiple CVSS scores depending on the version used:

  • CVSS v3.1: 8.8 (High), vector AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • CVSS v4.0: 8.4 (High), vector CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

The initial CVE record lists a score of 7.8, which likely reflects a different scoring version or enrichment state. Regardless of which score you reference, all place this firmly in the High severity category.

Attack Flow

The exploitation follows a well understood sequence:

  1. Craft a malicious theme ZIP: The attacker creates a ZIP archive containing legitimate theme entries (e.g., ThemeZip/Theme.theme and ThemeZip/images/icon.png) alongside one or more entries with path traversal sequences in their filenames, such as images/../../../../payload.sh.

  2. Distribute the theme: The attacker delivers the malicious ZIP to the target through social engineering. Given that Ghidra users routinely share configuration files, scripts, and customizations through community forums, GitHub repositories, or direct collaboration, a malicious theme distributed through these channels could appear entirely legitimate.

  3. Victim imports the theme: The target user opens Ghidra, navigates to Edit -> Theme -> Import, and selects the malicious ZIP file.

  4. Path traversal triggers file write: During extraction, the ../ sequences in the malicious entry's filename cause the file to be written outside the theme directory. For example, images/../../../../payload.sh resolves to the user's home directory rather than the theme images subdirectory.

  5. Code execution or persistent access: Depending on the target file, the attacker achieves different outcomes:

Target FileImpactPersistence Mechanism
.bashrcArbitrary commands executed on next terminal sessionAutomatic execution when user opens a shell
.profileArbitrary commands executed on loginAutomatic execution on user login
.ssh/authorized_keysAttacker SSH public key addedEnables remote SSH access without password

The GitHub security advisory demonstrated that writing a payload script to the user's home directory and executing it via bash ~/payload.sh successfully opened the Calculator application, confirming arbitrary code execution.

The Fix

The fix introduced in Ghidra 12.0.4 adds a canonical path validation check using FileUtilities.isPathContainedWithin(). This is the same defensive pattern that was previously applied in JarDecompiler.java to fix CVE-2019-13623. The specific code change is:

File destination = new File(filePath); if (!FileUtilities.isPathContainedWithin(targetDir, destination)) { throw new IOException("Zip entry escapes target directory: " + entry.getName()); }

This ensures that the canonical resolved path of each ZIP entry destination is validated against the target extraction directory before any file write operation occurs, blocking traversal sequences from escaping the intended boundary.

Discovery

The vulnerability was reported by security researcher @PrasanthSundararajan69. The CVE was sourced through [email protected].

Affected Systems and Versions

All versions of Ghidra prior to 12.0.4 are affected. The vulnerability specifically impacts the theme import functionality in ThemeUtils.java.

  • Vulnerable: Ghidra versions before 12.0.4
  • Fixed: Ghidra 12.0.4, released March 4, 2026

Organizations running Ghidra 12.0.4 or later are already protected. The risk is concentrated on deployments running older versions, particularly those that may not have updated because the patch preceded the CVE publication by approximately three months.

It is worth noting that exploitation requires user interaction: a user must explicitly import a malicious theme ZIP file through the Ghidra GUI. Remote exploitation without social engineering is not possible.

Vendor Security History

Ghidra's security track record reveals a recurring pattern of vulnerabilities related to processing externally supplied files:

CVEYearDescriptionCVSSCWEFixed Version
CVE-2019-136232019Zip Slip path traversal in script extraction from Ghidra archives9.8CWE-229.1
CVE-2019-136252019XXE injection when opening/restoring projects via malicious project.prp files9.8CWE-6119.0.1
CVE-2026-49462026Improper processing of annotation directives enabling arbitrary command executionN/ACWE-2012.0.3
CVE-2026-527552026Zip Slip path traversal in theme import via malicious theme ZIP files8.4 (v4.0)CWE-2212.0.4

The most significant observation here is the recurrence of CWE-22 path traversal. CVE-2019-13623 and CVE-2026-52755 are both Zip Slip variants affecting archive extraction code paths. The fix for CVE-2019-13623 introduced the FileUtilities.isPathContainedWithin() utility method, but the theme import code path in ThemeUtils.java was not audited for the same class of vulnerability at that time. The defensive utility existed in the codebase for seven years before it was applied to this second vulnerable code path.

This pattern suggests that a systematic audit of all archive handling code paths in Ghidra would be warranted. The vulnerabilities consistently involve Ghidra processing externally supplied files (archives, project files, binaries with annotations, theme files), which is inherent to the tool's purpose as a reverse engineering framework but demands rigorous input validation across every such code path.

One additional note on Ghidra's vulnerability management: the Ghidra team has stated that they are "currently not authorized to generate CVEs from security advisories" and that "it will be the responsibility of the original reporter to generate a CVE." This policy means CVE assignment may lag behind advisory publication, which can complicate vulnerability tracking for organizations relying on automated CVE based systems.

References

Detect & fix
what others miss

Works with
  • GitHub
  • GitLab
  • Bitbucket
  • Azure DevOps Services
  • Jira
  • Linear
  • Slack
  • Security Compass
Security magnifying glass visualization