Inno Setup

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-15595 HIGH This Week

A privilege escalation vulnerability in Inno Setup 6.2.1 and earlier versions allows local attackers to gain elevated privileges through DLL hijacking. This vulnerability requires user interaction but no authentication, enabling attackers to execute arbitrary code with higher privileges by placing a malicious DLL in a location searched by the installer. While not currently listed in CISA KEV, the vulnerability has a moderate EPSS score of 0.043% and affects a widely-used Windows installer creation tool.

Privilege Escalation Inno Setup

NVD VulDB

CVSS 3.1

7.8

EPSS

0.0%

CVE-2025-15595

EPSS 0% CVSS 7.8

HIGH This Week

A privilege escalation vulnerability in Inno Setup 6.2.1 and earlier versions allows local attackers to gain elevated privileges through DLL hijacking. This vulnerability requires user interaction but no authentication, enabling attackers to execute arbitrary code with higher privileges by placing a malicious DLL in a location searched by the installer. While not currently listed in CISA KEV, the vulnerability has a moderate EPSS score of 0.043% and affects a widely-used Windows installer creation tool.

Privilege Escalation Inno Setup

NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy