Security: nvaccess/nvda
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Invalid certificates can be used to block access to the built-in server or Secure Desktop over remote for another user.GHSA-42v6-wjv6-h3jj published
Dec 4, 2025 by seanbuddLow -
Remote: IPC file can be hijacked to cause a denial of service on secure screensGHSA-vr27-g5ph-xvq2 published
Dec 4, 2025 by seanbuddLow -
Last braille text of currently opened session remains visible on the braille device when on secure screenGHSA-8f8q-2jc3-6rf4 published
Jun 29, 2025 by seanbuddLow -
The installer can load unwanted DLLs from its directoryGHSA-qf5h-qw92-rx2f published
Jun 29, 2025 by seanbuddHigh -
Reflected XSS through browseableMessageGHSA-xg6w-23rw-39r8 published
Feb 4, 2024 by seanbuddHigh -
Privilege escalation and unauthenticated system access via clipboard error dialogGHSA-h7pp-6jqw-g3pj published
Jan 29, 2024 by seanbuddHigh -
Python console access via "forgot my PIN" reset screenGHSA-fpwc-2gxx-j9v7 published
Jan 3, 2023 by seanbuddModerate -
Malicious add-on can hijack UAC AuthorizationGHSA-727q-h8j2-6p45 published
Mar 13, 2024 by seanbuddModerate -
Report formatting dialog allows opening a shell on secure screensGHSA-3jj9-295f-h69w published
Jan 3, 2023 by seanbuddCritical -
Speech Viewer text cached on lock screenGHSA-grvr-j2h8-3qm4 published
Jan 3, 2023 by seanbuddLow