Ghidra · Ghidra · CVE-2026-49496
**Name of the Vulnerable Software and Affected Versions**
Ghidra versions prior to 12.1
**Description**
A heap-use-after-free issue exists in the `SleighBuilder::generatePointerAdd` function. This occurs due to iterator invalidation when the `PcodeCacher::allocateInstruction` function reallocates the issued vector. Attackers can cause memory corruption by decompiling malicious binaries via the public `Sleigh::oneInstruction` C++ API, which impacts downstream consumers of the SLEIGH library.
**Recommendations**
Update to version 12.1 or later.