How to fix CVE-2026-5054?

Within 24 hours: Identify all systems running NoMachine and document current version numbers across your environment. Within 7 days: Implement access controls restricting NoMachine usage to trusted users only and monitor NoMachine process execution logs for suspicious activity. Within 30 days: Contact NoMachine vendor for patch availability status and timeline; if patch is released, prioritize deployment on systems with elevated risk exposure. In interim, restrict unprivileged user account creation on NoMachine hosts and review privilege escalation audit logs.

CVE-2026-5054

EUVD-2026-21653 HIGH

2026-04-11 zdi

GHSA-4399-fg4g-454c

7.8

CVSS 3.0

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Apr 11, 2026 - 01:00 vuln.today

EUVD ID Assigned

Apr 11, 2026 - 01:00 euvd

EUVD-2026-21653

CVE Published

Apr 11, 2026 - 00:14 nvd

HIGH 7.8

Description

NoMachine External Control of File Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of command line parameters. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-28630.

Analysis

Local privilege escalation in NoMachine allows authenticated low-privileged attackers to execute arbitrary code as root through improper validation of command line path parameters. The vulnerability stems from insufficient sanitization of user-supplied file paths in file operations, enabling path traversal to manipulate privileged system resources. …

Remediation

Within 24 hours: Identify all systems running NoMachine and document current version numbers across your environment. Within 7 days: Implement access controls restricting NoMachine usage to trusted users only and monitor NoMachine process execution logs for suspicious activity. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +39

POC: 0

CVE-2026-5054 vulnerability details – vuln.today

Back

CVE-2026-5054

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-5054

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code