CVE-2026-52753 is an out-of-memory vulnerability in the National Security Agency's Ghidra software before version 12.0.3. The issue exists in the rust_demangle function, which allocates output buffers without enforcing size limits. Attackers can exploit this by embedding malicious Rust symbol names in binaries, triggering exponential memory allocation and causing the analysis process to crash. No known exploits are reported in the wild, and no official fix or patch has been documented as of the publication date.

Successful exploitation results in denial of service through process crashes caused by excessive memory allocation during binary analysis. This impacts the availability of the Ghidra analysis process but does not indicate code execution or data corruption based on the provided data.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should exercise caution when analyzing untrusted binaries containing Rust symbols. No official remediation or temporary fix is currently documented.