CVE-2026-49498
HIGH WAF: High
CVSS 8.8
Published: 2026-06-10
CWE-89
Ghidra 11.0 before 12.1 contains a SQL injection vulnerability in the changePassword() method of PostgresFunctionDatabase that fails to escape double quotes in usernames interpolated into ALTER ROLE statements. Authenticated attackers can inject SQL commands via crafted username parameters in PasswordChange network messages to escalate to PostgreSQL superuser privileges and gain full database control.
WAF Coverage Analysis
SQL Injection
High WAF Coverage
OWASP: A03:2021 Injection
942xxx - SQL Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| nsa | ghidra | 11.0 - 12.1 |
References
- github.com (Vendor Advisory)
- www.vulncheck.com (Third Party Advisory)