Browse all 5 CVE security advisories affecting NoMachine. AI-powered Chinese analysis, POCs, and references for each vulnerability.
NoMachine provides remote desktop access solutions, enabling users to connect to and control remote systems. Historically, the software has been susceptible to multiple remote code execution vulnerabilities, often stemming from improper input validation and boundary errors in its protocol handling. Privilege escalation flaws have also been documented, allowing unauthorized users to gain elevated system access. While no major public security incidents have been widely reported, the presence of five CVEs indicates ongoing security challenges. The application's network-facing components and complex protocol implementation have made it a target for exploitation, necessitating regular updates and careful deployment in security-sensitive environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-5055 | NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability — NoMachineCWE-427 | 7.8AI | HighAI | 2026-04-11 |
| CVE-2026-5054 | NoMachine External Control of File Path Local Privilege Escalation Vulnerability — NoMachineCWE-73 | 7.8AI | HighAI | 2026-04-11 |
| CVE-2026-5053 | NoMachine External Control of File Path Arbitrary File Deletion Vulnerability — NoMachineCWE-73 | 7.1AI | HighAI | 2026-04-11 |
| CVE-2025-8614 | NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability — NoMachineCWE-427 | 7.8 | - | 2025-09-02 |
| CVE-2024-7253 | NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability — NoMachineCWE-427 | 7.8 | - | 2024-11-22 |
This page lists every published CVE security advisory associated with NoMachine. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.