Loading market data...
← Back to CVE feed

CVE-2024-58350

LOW CVSS 2.9 View on NVD ↗

Description

Ghidra before 11.2 contains a use after free vulnerability in the Sleigh backend caused by undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability singletons. Attackers can trigger an infinite loop or denial of service during shutdown by exploiting the unsafe destruction order that causes iteration over deallocated memory.

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Published: Jun 10, 2026 14:16 UTC Modified: Jun 10, 2026 19:43 UTC