{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4946", "assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "state": "PUBLISHED", "assignerShortName": "AHA", "dateReserved": "2026-03-27T02:17:29.992Z", "datePublished": "2026-03-29T19:35:30.692Z", "dateUpdated": "2026-03-30T15:00:34.442Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "shortName": "AHA", "dateUpdated": "2026-03-29T19:35:30.692Z"}, "title": "NSA Ghidra Auto-Analysis Annotation Command Execution", "datePublic": "2026-03-29T18:37:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-78", "description": "CWE-78 Improper neutralization of special elements used in an OS command ('OS command injection')", "type": "CWE"}]}], "affected": [{"vendor": "NSA", "product": "Ghidra", "versions": [{"status": "affected", "version": "0", "lessThan": "12.0.3", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Ghidra versions prior to 12.0.3 improperly process annotation directives embedded in automatically extracted binary data, resulting in arbitrary command execution when an analyst interacts with the UI. Specifically, the @execute annotation (which is intended for trusted, user-authored comments) is also parsed in comments generated during auto-analysis (such as CFStrings in Mach-O binaries). This allows a crafted binary to present seemingly benign clickable text which, when clicked, executes attacker-controlled commands on the analyst\u2019s machine.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Ghidra versions prior to 12.0.3 improperly process annotation directives embedded in automatically extracted binary data, resulting in arbitrary command execution when an analyst interacts with the UI. Specifically, the @execute annotation (which is intended for trusted, user-authored comments) is also parsed in comments generated during auto-analysis (such as CFStrings in Mach-O binaries). This allows a crafted binary to present seemingly benign clickable text which, when clicked, executes attacker-controlled commands on the analyst\u2019s machine."}]}], "references": [{"url": "https://takeonme.org/gcves/GCVE-1337-2026-00000000000000000000000000000000000000000000000001011111111111000111111110000000000000000000000000000000000000000000000000000000110", "tags": ["third-party-advisory"]}, {"url": "https://github.com/NationalSecurityAgency/ghidra/security/advisories/GHSA-mc3p-mq2p-xw6v", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}}, {"other": {"type": "ssvc", "content": {"options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CNA", "version": "2.0.3"}}}], "credits": [{"lang": "en", "value": "Mobasi Security Team", "type": "finder"}, {"lang": "en", "value": "todb of AHA!", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"references": [{"url": "https://takeonme.org/gcves/GCVE-1337-2026-00000000000000000000000000000000000000000000000001011111111111000111111110000000000000000000000000000000000000000000000000000000110", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-30T15:00:10.507577Z", "id": "CVE-2026-4946", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T15:00:34.442Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "NSA Ghidra Auto-Analysis Annotation Command Execution", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Mobasi Security Team"}, {"lang": "en", "type": "coordinator", "value": "todb of AHA!"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"other": {"type": "ssvc", "content": {"role": "CNA", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3"}}}], "affected": [{"vendor": "NSA", "product": "Ghidra", "versions": [{"status": "affected", "version": "0", "lessThan": "12.0.3", "versionType": "semver"}], "defaultStatus": "unaffected"}], "datePublic": "2026-03-29T18:37:00.000Z", "references": [{"url": "https://takeonme.org/gcves/GCVE-1337-2026-00000000000000000000000000000000000000000000000001011111111111000111111110000000000000000000000000000000000000000000000000000000110", "tags": ["third-party-advisory"]}, {"url": "https://github.com/NationalSecurityAgency/ghidra/security/advisories/GHSA-mc3p-mq2p-xw6v", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Ghidra versions prior to 12.0.3 improperly process annotation directives embedded in automatically extracted binary data, resulting in arbitrary command execution when an analyst interacts with the UI. Specifically, the @execute annotation (which is intended for trusted, user-authored comments) is also parsed in comments generated during auto-analysis (such as CFStrings in Mach-O binaries). This allows a crafted binary to present seemingly benign clickable text which, when clicked, executes attacker-controlled commands on the analyst\u2019s machine.", "supportingMedia": [{"type": "text/html", "value": "Ghidra versions prior to 12.0.3 improperly process annotation directives embedded in automatically extracted binary data, resulting in arbitrary command execution when an analyst interacts with the UI. Specifically, the @execute annotation (which is intended for trusted, user-authored comments) is also parsed in comments generated during auto-analysis (such as CFStrings in Mach-O binaries). This allows a crafted binary to present seemingly benign clickable text which, when clicked, executes attacker-controlled commands on the analyst\u2019s machine.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper neutralization of special elements used in an OS command ('OS command injection')"}]}], "providerMetadata": {"orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "shortName": "AHA", "dateUpdated": "2026-03-29T19:35:30.692Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4946", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-30T15:00:10.507577Z"}}}], "references": [{"url": "https://takeonme.org/gcves/GCVE-1337-2026-00000000000000000000000000000000000000000000000001011111111111000111111110000000000000000000000000000000000000000000000000000000110", "tags": ["exploit"]}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-03-30T15:00:29.366Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-4946", "state": "PUBLISHED", "dateUpdated": "2026-03-29T19:35:30.692Z", "dateReserved": "2026-03-27T02:17:29.992Z", "assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "datePublished": "2026-03-29T19:35:30.692Z", "assignerShortName": "AHA"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Ghidra versions prior to 12.0.3 improperly process annotation directives embedded in automatically extracted binary data, resulting in arbitrary command execution when an analyst interacts with the UI. Specifically, the @execute annotation (which is intended for trusted, user-authored comments) is also parsed in comments generated during auto-analysis (such as CFStrings in Mach-O binaries). This allows a crafted binary to present seemingly benign clickable text which, when clicked, executes attacker-controlled commands on the analyst\u2019s machine."}], "id": "CVE-2026-4946", "lastModified": "2026-03-30T15:16:33.710", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "cve@takeonme.org", "type": "Secondary"}]}, "published": "2026-03-29T20:16:12.723", "references": [{"source": "cve@takeonme.org", "url": "https://github.com/NationalSecurityAgency/ghidra/security/advisories/GHSA-mc3p-mq2p-xw6v"}, {"source": "cve@takeonme.org", "url": "https://takeonme.org/gcves/GCVE-1337-2026-00000000000000000000000000000000000000000000000001011111111111000111111110000000000000000000000000000000000000000000000000000000110"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://takeonme.org/gcves/GCVE-1337-2026-00000000000000000000000000000000000000000000000001011111111111000111111110000000000000000000000000000000000000000000000000000000110"}], "sourceIdentifier": "cve@takeonme.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "cve@takeonme.org", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,12.0.3)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Ghidra", "source": "cna", "vendor": "NSA"}, "product": "ghidra", "vendor": "nsa"}], "analysis": {"en": {"generated_at": "2026-03-29T20:20:30.040430+00:00", "value": {"mitigation_remediation": ["Apply the latest Ghidra release (12.0.3 or newer).", "If an upgrade cannot be performed immediately, disable auto\u2011analysis of data sources that generate annotation directives such as CFStrings.", "Limit analyst interaction with annotation links from untrusted binaries and verify the source of any binary before opening it. ", "Monitor analyst workstations for unexpected command\u2011line activity and enforce least\u2011privilege execution for Ghidra."], "summary": {"action": "Immediate Patch", "impact": "Command Execution"}, "threat_synthesis": {"affected_systems": "The flaw is present in all releases of Ghidra from the National Security Agency that precede version\u202f12.0.3. Users who open malcrafted binaries containing CFStrings or similar metadata in these older versions are vulnerable whenever they interact with the generated annotation sentences.", "description_and_impact": "An engineered binary containing an @execute annotation tricks Ghidra\u2019s auto\u2011analysis into displaying clickable text that, when the analyst clicks it, runs attacker\u2011supplied commands on the analyst\u2019s machine. This abuses an OS command injection weakness (CWE\u201178) and results in arbitrary code execution within the Ghidra process, compromising confidentiality, integrity, and availability of the system hosting the analysis.", "risk_and_exploitability": "The vulnerability carries a CVSS base score of 8.8, marking it high severity. No EPSS score is available and the flaw is currently not listed in CISA\u2019s KEV catalog. The attacker must supply a malicious binary and rely on the analyst clicking the deceptive annotation; if this happens the exploit succeeds and commands execute with the privileges of the Ghidra process."}}}}, "created": "2026-03-29T20:31:13.672580+00:00", "updated": "2026-03-30T06:58:01.740507+00:00", "vendors": ["nsa", "nsa$PRODUCT$ghidra"]}