CVE-2026-53694

UNKNOWN 0.0

Potential local privileges escalation through argument injection in the nxchmod.sh script

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2.

CWE	CWE-88
Vendor	nomachine
Product	nomachine
Published	Jun 10, 2026
Last Updated	Jun 10, 2026

Stay Ahead of the Next One

Get instant alerts for nomachine nomachine

Be the first to know when new unknown vulnerabilities affecting nomachine nomachine are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

NoMachine / NoMachine

0 < 9.5.7 0 < 8.23.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

kb.nomachine.com: https://kb.nomachine.com/SU05X00274 kb.nomachine.com: https://kb.nomachine.com/SU05X00275

Credits

Vonmetz Tobias