Skip to main content
CVE-2019-16941 CRITICAL POC Act Now

NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java RCE Ghidra
NVD GitHub
CVSS 3.1
9.8
EPSS
5.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy