Aggregates CVE and security vulnerability intelligence across all nomachine-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow, vendor risk file inclusion, vendor risk path handling, and vendor risk input validation and related problems; some flaws may lead to vendor impact file overwrite.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-5055 | NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the NoMachine Device Server. The product loads a library from an unsecured location. An attacker can leverage this vulnerability to escalate p | [email protected] | 7.8 | 0.01% | 2026-04-11 | 2026-04-15 |
| CVE-2026-5054 | NoMachine External Control of File Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of command line parameters. The issue results from the lack of proper validation of a user-supplied path prior to using it in file op | [email protected] | 7.8 | 0.01% | 2026-04-11 | 2026-04-15 |
| CVE-2026-5053 | NoMachine External Control of File Path Arbitrary File Deletion Vulnerability. This vulnerability allows local attackers to delete arbitrary files on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of environment variables. The issue results from the lack of proper validation of a user-supplied path prior to using it in file oper | [email protected] | 7.1 | 0.01% | 2026-04-11 | 2026-04-15 |
| CVE-2025-8614 | NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulner | [email protected] | 7.8 | 0.01% | 2025-09-02 | 2025-09-10 |
| CVE-2024-7253 | NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within nxnode.exe. The process loads a library from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and exec | [email protected] | 7.8 | 0.08% | 2024-11-22 | 2025-05-21 |
| CVE-2023-39107 | An arbitrary file overwrite vulnerability in NoMachine Free Edition and Enterprise Client for macOS before v8.8.1 allows attackers to overwrite root-owned files by using hardlinks. | [email protected] | 9.1 | 0.36% | 2023-08-04 | 2024-11-21 |
| CVE-2022-48074 | An issue in NoMachine before v8.2.3 allows attackers to execute arbitrary commands via a crafted .nxs file. | [email protected] | 5.3 | 0.05% | 2023-02-03 | 2024-11-21 |
| CVE-2022-34043 | Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of Nomachine v7.9.2 allows attackers to perform a DLL hijacking attack and execute arbitrary code. | [email protected] | 7.3 | 0.10% | 2022-06-29 | 2024-11-21 |
| CVE-2021-33436 | NoMachine for Windows prior to version 6.15.1 and 7.5.2 suffer from local privilege escalation due to the lack of safe DLL loading. This vulnerability allows local non-privileged users to perform DLL Hijacking via any writable directory listed under the system path and ultimately execute code as NT AUTHORITY\SYSTEM. | [email protected] | 7.3 | 0.04% | 2022-04-28 | 2024-11-21 |
| CVE-2021-42986 | NoMachine Enterprise Client is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | [email protected] | 8.8 | 0.16% | 2021-12-07 | 2024-11-21 |
| CVE-2021-42983 | NoMachine Enterprise Client is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Client above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | [email protected] | 8.8 | 0.17% | 2021-12-07 | 2024-11-21 |
| CVE-2021-42980 | NoMachine Cloud Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | [email protected] | 8.8 | 0.17% | 2021-12-07 | 2024-11-21 |
| CVE-2021-42979 | NoMachine Cloud Server is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | [email protected] | 8.8 | 0.16% | 2021-12-07 | 2024-11-21 |
| CVE-2021-42977 | NoMachine Enterprise Desktop is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Desktop above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | [email protected] | 8.8 | 0.16% | 2021-12-07 | 2024-11-21 |
| CVE-2021-42976 | NoMachine Enterprise Desktop is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Enterprise Desktop above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | [email protected] | 8.8 | 0.17% | 2021-12-07 | 2024-11-21 |
| CVE-2021-42973 | NoMachine Server is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | [email protected] | 8.8 | 0.16% | 2021-12-07 | 2024-11-21 |
| CVE-2021-42972 | NoMachine Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | [email protected] | 8.8 | 0.07% | 2021-12-07 | 2024-11-21 |
| CVE-2018-20029 | The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read. | [email protected] | 5.5 | 0.04% | 2018-12-10 | 2026-02-25 |
| CVE-2018-17980 | NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is executed. (The directory could, in general, be on a local filesystem or a network share.). | [email protected] | 7.8 | 3.67% | 2018-10-15 | 2024-11-21 |
| CVE-2018-0664 | A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors. | [email protected] | 9.8 | 0.55% | 2018-09-04 | 2024-11-21 |