ZDI-CAN-28494
HIGH 7.8
Upcoming
Dec 24, 2025
NoMachine
NoMachine is a remote desktop and access software company. This high-severity vulnerability (CVSS 7.8) requires local access and low-level privileges to exploit; successful exploitation results in a complete compromise of the confidentiality, integrity, and availability of the affected system. Security teams should monitor for privilege escalation attempts and unexpected local process modifications on systems running NoMachine, and prioritize patching once the vendor releases a fix, which is due by the April 2026 deadline.
Advisory Details
Researcher
Discovered by:
khongtrang
Reported
December 24, 2025
Deadline
April 23, 2026
CVSS Vector
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H