Strix
26.1K

CVE-2026-42171

HIGHCVSS 7.8/10EPSS 0.21%

Last modified

CVE-2026-42171 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges (if they can cause my_GetTempFileName to return 0, as shown in the references).. EPSS estimates a 0.21% chance of exploitation in the next 30 days.

Description

NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges (if they can cause my_GetTempFileName to return 0, as shown in the references).

Metrics

CVSS 3.1
7.8/10

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Probability
0.21%

11.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
NullsoftNullsoft Scriptable Install System>= 3.06.1, < 3.12

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2026-42171?
NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges (if they can cause my_GetTempFileName to return 0, as shown in the references).
How severe is CVE-2026-42171?
CVE-2026-42171 has a CVSS score of 7.8/10 (HIGH severity). The EPSS model estimates a 0.21% probability of exploitation in the next 30 days.
How do I fix CVE-2026-42171?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2026-42171?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST