Description

NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges (if they can cause my_GetTempFileName to return 0, as shown in the references).

INFO

Published Date :

2026-04-24T21:20:35.525Z

Last Modified :

2026-04-25T01:56:37.358Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2026-42171 vulnerability.

Vendors Products
Nullsoft
  • Nullsoft Scriptable Install System
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-42171.

URL Resource
https://github.com/NSIS-Dev/nsis/blob/7359413009afd4f0fff472d841fc2f2cc0e0a5f8/Source/exehead/util.c#L475-L484 cve-icon cve-icon
https://github.com/NSIS-Dev/nsis/commit/8e6f02205d5f22da6c7855dbfe59b2af667330ca cve-icon cve-icon
https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-gettempfilename cve-icon cve-icon
https://nsis.sourceforge.io/Docs/AppendixF.html#v3.12-cl cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact