Nullsoft: >> Nullsoft Scriptable Install System Security Vulnerabilities
NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges (if they can cause my_GetTempFileName to return 0, as shown in the references).
CVSS Score
7.8
EPSS Score
0.0
Published
2026-04-24
Nullsoft Scriptable Install System (NSIS) before 3.09 mishandles access control for an uninstaller directory.
CVSS Score
5.3
EPSS Score
0.003
Published
2023-07-03
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-10-01
Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the dependency at an appropriate time during runtime.
CVSS Score
7.8
EPSS Score
0.006
Published
2018-10-01