High severity7.8NVD Advisory· Published Oct 16, 2019· Updated Jun 17, 2026
CVE-2019-17664
CVE-2019-17664
Description
NSA Ghidra through 9.0.4 uses a potentially untrusted search path. When executing Ghidra from a given path, the Java process working directory is set to this path. Then, when launching the Python interpreter via the "Ghidra Codebrowser > Window > Python" option, Ghidra will try to execute the cmd.exe program from this working directory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- NSA/Ghidradescription
- Range: <=9.0.4
Patches
Vulnerability mechanics
References
1- github.com/NationalSecurityAgency/ghidra/issues/107nvdThird Party Advisory
News mentions
0No linked articles in our index yet.