CVE-2026-52757 — Ghidra before 12.1 contains a heap-use-after-free vulnerability in the decompiler's HighVariable::merge() function during the variable merging pass. Attackers can trigger this vulnerability by craftin — CVE Database · The Intelligence Room