High severity7.8NVD Advisory· Published Feb 12, 2026· Updated Apr 15, 2026

CVE-2019-25343

Description

NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to modify executable files with full access rights. Attackers can replace system executables with malicious files to gain SYSTEM or Administrator privileges through unauthorized file modification.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

vm3max.sitenvd
www.exploit-db.com/exploits/47831nvd
www.vulncheck.com/advisories/nextvpn-insecure-file-permissionsnvd

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000