Sentinel update: vulnerabilities remediated in NSA's Ghidra, Hayabusa, MemProcFS, & more
This is a Sentinel program update as of February 20, 2026. Since our initial January disclosures, additional vulnerabilities have been publicly disclosed and remediated across more open-source digital forensics tools.
Newly public disclosures
Arbitrary Code Execution via @execute Annotation in NSA Ghidra (High)
Issue: Ghidra could execute attacker-controlled code via the `@execute` annotation in binary-derived comments.
Impact: Arbitrary code execution during analysis of crafted artifacts.
Reference: GHSA-mc3p-mq2p-xw6v
XSS from HTML Inputs in Hayabusa (High)
Issue: Unsanitized HTML input could trigger cross-site scripting in rendered output.
Impact: Script execution in analyst browser context when viewing malicious data.
Reference: v3.8.0 release
Command Injection via LNK Filename in parseusbs (Critical)
Issue: Malicious LNK filenames could break command boundaries and inject shell commands.
Impact: Potential arbitrary command execution on analyst workstations.
Reference: parseusbs PR #10
Command Injection via -v Volume Argument in parseusbs (High)
Issue: The `-v` volume argument path handling allowed command injection through crafted input.
Impact: Attacker-controlled commands could run during workflow execution.
Reference: parseusbs PR #10
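Both parseusbs entries describe an artifact-derived string (an LNK filename, a `-v` volume value) reaching a shell. The sketch below is an added example, not code from parseusbs or its PR #10: it contrasts a shell-string call with an argv-list call plus input validation. The helper process, the volume pattern and the sample inputs are assumptions constructed for illustration, and the unsafe function assumes a POSIX shell.

```python
import json
import re
import shlex
import subprocess
import sys

# Stand-in for an external helper (hypothetical): prints the arguments it received as JSON.
CHILD = [sys.executable, "-c", "import sys, json; print(json.dumps(sys.argv[1:]))"]

# Assumption for this sketch: a volume is a drive letter ("E:") or an absolute POSIX mount path.
VOLUME_RE = re.compile(r"(?:[A-Za-z]:\\?|/[A-Za-z0-9._/-]*)")


def run_unsafe(lnk_name: str) -> list[str]:
    """Vulnerable pattern: the artifact-derived name is pasted into a shell string."""
    cmd = " ".join(shlex.quote(p) for p in CHILD) + " " + lnk_name
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout.splitlines()


def validate_volume(volume: str) -> str:
    """Reject anything that is not a plain volume before it reaches a command line."""
    if not VOLUME_RE.fullmatch(volume):
        raise ValueError(f"rejected volume argument: {volume!r}")
    return volume


def run_safe(volume: str, lnk_name: str) -> list[str]:
    """Hardened pattern: argv list, no shell, '--' ends option parsing."""
    argv = CHILD + ["-v", validate_volume(volume), "--", lnk_name]
    out = subprocess.run(argv, capture_output=True, text=True, check=True)
    return json.loads(out.stdout)


# Constructed sample inputs, not taken from any real case.
HOSTILE_NAME = "report.lnk; echo INJECTED"
HOSTILE_VOLUME = "E: & echo INJECTED"

if __name__ == "__main__":
    print("shell string :", run_unsafe(HOSTILE_NAME))
    print("argv list    :", run_safe("E:", HOSTILE_NAME))
    try:
        run_safe(HOSTILE_VOLUME, HOSTILE_NAME)
    except ValueError as exc:
        print("volume check :", exc)
```

With the shell string, the helper receives only `report.lnk` and the shell runs the remainder as a second command; with the argv list, the whole filename arrives as one argument.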
Out of Bounds Write in tcpflow (Medium)
Issue: Bounds handling flaw led to writes past allocated memory.
Impact: Crash risk and potential memory corruption while processing crafted input.
Reference: GHSA-q5q6-frrv-9rj6
Python Plugin Loader Hijack in MemProcFS (High)
Issue: Plugin loader search behavior enabled hijacking with attacker-controlled module resolution.
Impact: Untrusted Python code execution inside investigation workflows.
Reference: Fix commit
Current Sentinel index
The Sentinel page remains the running index of public vulnerabilities and disclosure status across our reviews.
