Nx
CVE-2026-22923
HIGH
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
A vulnerability has been identified in NX (All versions < V2512), NX (Managed Mode) (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution.
AnalysisAI
Nx versions prior to V2512 contain an insufficient input validation flaw in the PDF export functionality that permits local attackers to corrupt internal data structures and achieve arbitrary code execution. An attacker with local file system access can exploit this vulnerability to manipulate the export process and gain code execution privileges. No patch is currently available for this vulnerability.
Technical ContextAI
Classified as CWE-121 (Stack-based Buffer Overflow). Affects Nx. A vulnerability has been identified in NX (All versions < V2512), NX (Managed Mode) (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution.
RemediationAI
Monitor vendor advisories for a patch.
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today