Ghidra before 11.2 contains a use after free vulnerability in the Sleigh backend caused by undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability singletons. Attackers can trigger an infinite loop or denial of service during shutdown by exploiting the unsafe destruction order that causes iteration over deallocated memory.
Published: 2026-06-10
Updated: 2026-06-11
Base Score: 2.1
Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P
Severity: Low
Base Score: 4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Severity: Medium
Base Score: 2.1
Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Severity: Low
EPSS: 0.00013