High severity7.8NVD Advisory· Published Apr 24, 2026· Updated Apr 27, 2026

CVE-2026-42171

Description

NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges (if they can cause my_GetTempFileName to return 0, as shown in the references).

Affected products

NSIS Dev/Nsisreferences

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/NSIS-Dev/nsis/blob/7359413009afd4f0fff472d841fc2f2cc0e0a5f8/Source/exehead/util.cnvd
github.com/NSIS-Dev/nsis/commit/8e6f02205d5f22da6c7855dbfe59b2af667330canvd
learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-gettempfilenamenvd
nsis.sourceforge.io/Docs/AppendixF.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000