CVE-2026-42171_CVE-2026-42171

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges (if they can cause my_GetTempFileName to return 0, as shown in the references).

Basic Information

ID CVE-2026-42171

Source mitre

Published Apr 24, 2026 at 21:20

Modified Apr 24, 2026 at 21:21

Affected Product

Vendor Nullsoft

Product Nullsoft Scriptable Install System

Version 3.06.1

Affected Versions Nullsoft Nullsoft Scriptable Install System 3.06.1

CWE Classification

CWE-427

References

{
    "lastseen": "",
    "description": "NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges (if they can cause my_GetTempFileName to return 0, as shown in the references).",
    "published": "2026-04-24T21:20:35.525Z",
    "modified": "2026-04-24T21:21:39.224Z",
    "type": "cve",
    "title": "CVE-2026-42171",
    "source": "mitre",
    "references": "https://nsis.sourceforge.io/Docs/AppendixF.html#v3.12-cl\nhttps://github.com/NSIS-Dev/nsis/commit/8e6f02205d5f22da6c7855dbfe59b2af667330ca\nhttps://github.com/NSIS-Dev/nsis/blob/7359413009afd4f0fff472d841fc2f2cc0e0a5f8/Source/exehead/util.c#L475-L484\nhttps://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-gettempfilename",
    "id": "CVE-2026-42171",
    "bulletinFamily": "",
    "cwe": [
        "CWE-427"
    ],
    "cvelist": null,
    "sourceData": "Nullsoft Nullsoft Scriptable Install System 3.06.1",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Nullsoft Scriptable Install System",
    "version": "3.06.1",
    "vendor": "Nullsoft",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}