CVE-2026-4946
Published: 29 March 2026
Summary
CVE-2026-4946 is a high-severity OS Command Injection (CWE-78) vulnerability. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 16.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Requires timely remediation of the Ghidra flaw through patching to 12.0.3 or later, directly preventing arbitrary command execution from crafted binary annotations.
Mandates validation of untrusted binary data inputs during auto-analysis to block malicious @execute annotations from being processed.
Supports secure configuration of Ghidra by disabling auto-analysis features that parse executable annotations from untrusted binaries.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability in Ghidra (client RE tool) enables code execution via crafted malicious binary (Mach-O with @execute annotation) requiring analyst interaction, directly mapping to client-side exploitation (T1203) and user execution of malicious file (T1204.002) leading to arbitrary OS command execution (T1059).
NVD Description
Ghidra versions prior to 12.0.3 improperly process annotation directives embedded in automatically extracted binary data, resulting in arbitrary command execution when an analyst interacts with the UI. Specifically, the @execute annotation (which is intended for trusted, user-authored comments) is also…
more
parsed in comments generated during auto-analysis (such as CFStrings in Mach-O binaries). This allows a crafted binary to present seemingly benign clickable text which, when clicked, executes attacker-controlled commands on the analyst’s machine.
Deeper analysisAI
CVE-2026-4946 is a high-severity vulnerability (CVSS 8.8) affecting Ghidra versions prior to 12.0.3, a reverse engineering tool developed by the National Security Agency. The flaw stems from improper processing of annotation directives embedded in automatically extracted binary data during auto-analysis. Specifically, the @execute annotation, intended only for trusted user-authored comments, is parsed in comments generated by auto-analysis features, such as those for CFStrings in Mach-O binaries. This leads to arbitrary command execution when an analyst interacts with the user interface.
An attacker can exploit this vulnerability by crafting a malicious binary that embeds the @execute directive in a way that survives auto-analysis and appears as benign clickable text in Ghidra's UI. Exploitation requires no privileges (PR:N) and can occur over the network (AV:N) with low complexity (AC:L), but demands user interaction (UI:R) from a Ghidra analyst analyzing the binary. Successful exploitation grants the attacker high-impact confidentiality, integrity, and availability compromise (C:H/I:H/A:H) through execution of arbitrary commands on the analyst's local machine, classified under CWE-78 (OS Command Injection).
The official Ghidra security advisory (GHSA-mc3p-mq2p-xw6v) and related references recommend upgrading to Ghidra 12.0.3 or later, which addresses the improper parsing of annotations in auto-generated comments. Practitioners should avoid analyzing untrusted binaries until patching and consider disabling auto-analysis or reviewing generated comments carefully in vulnerable versions.
Details
- CWE(s)