Nullsoft Nullsoft Scriptable Install System
2 CVEs affecting Nullsoft Nullsoft Scriptable Install System. Latest disclosed: 2026-04-24. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-43715 | High | 8.1 | 2025-04-17 | Nullsoft Scriptable Install System (NSIS) before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the tempor… |
CVE-2026-42171 | High | 7.8 | 2026-04-24 | NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gai… |