NoMachine 9.6.3 now available for download$$$Luxembourg; May 29th; 2026$$$$$$NoMachine makes available version 9.6.x providing fixes for issues found in previous releases affecting USB device handling; file transfer reliability and Kerberos authentication. Additionally; this update includes a patch to prevent possible XSS (Cross-Site Scripting) with browser sessions.$$$$$$Trouble Reports solved$$$$$$Here is the complete list of fixes released in version 9.6.3:$$$$$$TR12W11668 - Sometimes the USB camera name is not properly identified$$$TR04X11801 - USB device forwarded to Linux may disconnect after 2 hours$$$TR11W11636 - Copying a file from remote to a shared subfolder sometimes hangs$$$TR05X11814 - Log rotation may ignore setting of the UsersDirectoryPath key$$$TR04X11807 - Windows users may be unable to use Kerberos authentication with Enterprise Client$$$TR05X11821 - Possible execution of an arbitrary XXS script during the login via web$$$TR05X11822 - It may be not possible to connect to the desktop when SDDM login manager is used

NoMachine 9.5.7 now available for download$$$Luxembourg; May 7th; 2026$$$$$$NoMachine makes available version 9.5.7; providing fixes for issues found in previous releases and a possible privilege escalation on Windows. It also sports updates to some third parties libraries and enhancements to support for CA certificates.$$$$$$OpenSSL libraries shipped by NoMachine client and server packages have been updated to v3.0.20. The full list of CVE patched by the new OpenSSL v3.0.20 is available on their Official web site at: https://github.com/openssl/openssl/releases/tag/openssl-3.0.20.$$$$$$The nxhtd component included in commercial server packages is based on httpd 2.4.67; changes in the new version of Apache are listed here: https://downloads.apache.org/httpd/CHANGES_2.4.67.$$$$$$Additionally; trusted CA certificates for PKI authentication are now supported also for connections via Web and between cluster servers peers. See https://kb.nomachine.com/AR06W01292 for instructions.$$$$$$Trouble Reports solved$$$$$$Here is the complete list of fixes released in version 9.5.7:$$$$$$TR07W11474 - Automatic session recording can freeze after the user logs-in to the system$$$TR04X11783 - Network port forwarding from and to macOS may not work$$$TR04X11777 - Users sometimes not able to authenticate to the node by web$$$TR04X11790 - In some rare cases the Windows user is unable to login to NoMachine Network$$$TR04X11776 - A black screen may occur on older macOS after a reboot$$$TR04X11787 - The client could suddenly close when uploading file through drag&drop from MacOS Tahoe$$$TR04X11773 - Kerberos Credentials Cache forwarding may not work on the nodes$$$TR04X11805 - CA-signed host certificate chain verification may fail$$$TR04X11788 - CA could be not available for connections by NX protocol in multinode environments$$$TR05V11160 - The nxserver --daemon process suddenly terminates when connections to the physical desktop are enabled on the node$$$TR04X11802 - Potential local privileges escalation through argument injection in the nxchmod.sh script$$$TR03X11769 - It may be not possible to forward devices to a Windows client

NoMachine 9.5.7 now available for download$$$Luxembourg; May 7th; 2026$$$$$$NoMachine makes available version 9.5.7; providing fixes for issues found in previous releases and a possible privilege escalation on Windows. It also sports updates to some third parties libraries and enhancements to support for CA certificates.$$$$$$OpenSSL libraries shipped by NoMachine client and server packages have been updated to v3.0.20. The full list of CVE patched by the new OpenSSL v3.0.20 is available on their Official web site at: https://github.com/openssl/openssl/releases/tag/openssl-3.0.20.$$$$$$The nxhtd component included in commercial server packages is based on httpd 2.4.67; changes in the new version of Apache are listed here: https://downloads.apache.org/httpd/CHANGES_2.4.67.$$$$$$Additionally; trusted CA certificates for PKI authentication are now supported also for connections via Web and between cluster servers peers. See https://kb.nomachine.com/AR06W01292 for instructions.$$$$$$Trouble Reports solved$$$$$$Here is the complete list of fixes released in version 9.5.7:$$$$$$TR07W11474 - Automatic session recording can freeze after the user logs-in to the system$$$TR04X11783 - Network port forwarding from and to macOS may not work$$$TR04X11777 - Users sometimes not able to authenticate to the node by web$$$TR04X11790 - In some rare cases the Windows user is unable to login to NoMachine Network$$$TR04X11776 - A black screen may occur on older macOS after a reboot$$$TR04X11787 - The client could suddenly close when uploading file through drag&drop from MacOS Tahoe$$$TR04X11773 - Kerberos Credentials Cache forwarding may not work on the nodes$$$TR04X11805 - CA-signed host certificate chain verification may fail$$$TR04X11788 - CA could be not available for connections by NX protocol in multinode environments$$$TR05V11160 - The nxserver --daemon process suddenly terminates when connections to the physical desktop are enabled on the node$$$TR04X11802 - Potential local privileges escalation through argument injection in the nxchmod.sh script$$$TR03X11769 - It may be not possible to forward devices to a Windows client

NoMachine 9.4.14 now available for download$$$Luxembourg; March 26th; 2026$$$$$$NoMachine makes available version 9.4.14; introducing a number of improvements; along with updates to third-party components affected by CVEs; as well as fixes for issues found in previous releases.$$$$$$Changes to keys in configuration files$$$$$$The new CustomXauthorityPath key in server.cfg; allows administrators to change the location of the .Xauthority file or to create separate .Xauthority files per virtual desktop session. This helps prevent XAUTHORITY conflicts in environments with shared home directories and is primarily intended for complex or enterprise deployments. The TokenExpiryTimeout key in server.cfg; lets you define the validity period of the token generated by the server to allow clients to reconnect after a connection failure. By default; the token remains valid for five minutes (300 s). Additionally; the EnableDbusLaunch key in node.cfg has been renamed into EnableDbusWrapper. This new key name is available for fresh new installations; updates will not rename the original EnableDbusLaunch key.$$$Improvements to session list and export of history$$$$$$A new option; the --no-physical parameter; allows you to exclude physical sessions from the output of session list commands (nxserver --list; nxserver --connectionlist and nxserver --history). Another new parameter; --filter item;value applies the same logic of the --format items_list option but limits the output to entries matching the specified item-value pair. The full list of available items can be obtained by running nxserver --history --format. Additionally; the nxserver --history output can now be exported in JSON or CSV formats; facilitating data integration with external analysis platforms and third-party tools.$$$$$$Perl$$$$$$A patch for CVE-2024-56406 has been applied to the current Perl version shipped by NoMachine server packages. Details about the CVE are available at: https://nvd.nist.gov/vuln/detail/CVE-2024-56406$$$Trouble Reports solved$$$$$$Here is the complete list of fixes released in version 9.4.14:$$$$$$TR02X11721 - Kerberos authentication may fail with Cannot initialize gssapi$$$TR11W11638 - Black screen after connection to macOS with a sleeping display$$$TR03X11742 - Black screen may occur when connecting to Linux physical desktops$$$TR07W11488 - On RHEL 10 starting a single application may be not possible$$$TR07W11489 - On RHEL 10; creating a virtual desktop may not be possible$$$TR01X11689 - Possible privileges escalation on Windows via named pipe impersonation (CVE-2026-5055)$$$TR02X11711 - Possible privilege escalation via a valid Kerberos ccache file (CVE-2026-5054)$$$TR02X11710 - Possible arbitrary deletion of files by exploiting the NoMachine environment variable for Kerberos cache path (CVE-2026-5053)$$$TR03X11758 - After power outage it could be no longer possible to connect via VPN$$$TR11W11630 - The connections limit counter is sometimes wrongly increased$$$TR01X11694 - License incorrectly in active state after incomplete installation using --subscriptionset$$$TR01X11699 - Possible unexpected termination of nxnode on Linux$$$TR03U10791 - Monitors of client are treated as a single monitor when the X11 graphics mode is disabled$$$TR01X11685 - In a multinode environment; session could not be started when ClientMenuconfiguration none is set on the node$$$TR02X11712 - A timeout error occurred while attempting to connect to host with private key and passphrase$$$TR01X11693 - Cannot connect to a node via Web when Duo Authentication is enabled$$$TR11W11629 - Web sessions or virtual desktops with X11 vector graphics mode disabled are counted twice in the connection limit counter$$$TR07V11189 - Unwanted scrolling when scrolling a page with two fingers in a web session$$$$$$Supported Platforms$$$$$$Windows 32-bit/64-bit 7/8/8.1/10/11$$$Windows Server 2008/2012/2016/2019/2022$$$$$$Mac Intel OS X 10.9 to 10.11; macOS 10.12 to 26$$$$$$Linux 32-bit and 64-bit$$$RHEL 6.0 to RHEL

NoMachine 9.4.14 now available for download$$$Luxembourg; March 26th; 2026$$$$$$NoMachine makes available version 9.4.14; introducing a number of improvements; along with updates to third-party components affected by CVEs; as well as fixes for issues found in previous releases.$$$$$$Changes to keys in configuration files$$$$$$The new CustomXauthorityPath key in server.cfg; allows administrators to change the location of the .Xauthority file or to create separate .Xauthority files per virtual desktop session. This helps prevent XAUTHORITY conflicts in environments with shared home directories and is primarily intended for complex or enterprise deployments. The TokenExpiryTimeout key in server.cfg; lets you define the validity period of the token generated by the server to allow clients to reconnect after a connection failure. By default; the token remains valid for five minutes (300 s). Additionally; the EnableDbusLaunch key in node.cfg has been renamed into EnableDbusWrapper. This new key name is available for fresh new installations; updates will not rename the original EnableDbusLaunch key.$$$Improvements to session list and export of history$$$$$$A new option; the --no-physical parameter; allows you to exclude physical sessions from the output of session list commands (nxserver --list; nxserver --connectionlist and nxserver --history). Another new parameter; --filter item;value applies the same logic of the --format items_list option but limits the output to entries matching the specified item-value pair. The full list of available items can be obtained by running nxserver --history --format. Additionally; the nxserver --history output can now be exported in JSON or CSV formats; facilitating data integration with external analysis platforms and third-party tools.$$$$$$Perl$$$$$$A patch for CVE-2024-56406 has been applied to the current Perl version shipped by NoMachine server packages. Details about the CVE are available at: https://nvd.nist.gov/vuln/detail/CVE-2024-56406$$$Trouble Reports solved$$$$$$Here is the complete list of fixes released in version 9.4.14:$$$$$$TR02X11721 - Kerberos authentication may fail with Cannot initialize gssapi$$$TR11W11638 - Black screen after connection to macOS with a sleeping display$$$TR03X11742 - Black screen may occur when connecting to Linux physical desktops$$$TR07W11488 - On RHEL 10 starting a single application may be not possible$$$TR07W11489 - On RHEL 10; creating a virtual desktop may not be possible$$$TR01X11689 - Possible privileges escalation on Windows via named pipe impersonation (CVE-2026-5055)$$$TR02X11711 - Possible privilege escalation via a valid Kerberos ccache file (CVE-2026-5054)$$$TR02X11710 - Possible arbitrary deletion of files by exploiting the NoMachine environment variable for Kerberos cache path (CVE-2026-5053)$$$TR03X11758 - After power outage it could be no longer possible to connect via VPN$$$TR11W11630 - The connections limit counter is sometimes wrongly increased$$$TR01X11694 - License incorrectly in active state after incomplete installation using --subscriptionset$$$TR01X11699 - Possible unexpected termination of nxnode on Linux$$$TR03U10791 - Monitors of client are treated as a single monitor when the X11 graphics mode is disabled$$$TR01X11685 - In a multinode environment; session could not be started when ClientMenuconfiguration none is set on the node$$$TR02X11712 - A timeout error occurred while attempting to connect to host with private key and passphrase$$$TR01X11693 - Cannot connect to a node via Web when Duo Authentication is enabled$$$TR11W11629 - Web sessions or virtual desktops with X11 vector graphics mode disabled are counted twice in the connection limit counter$$$TR07V11189 - Unwanted scrolling when scrolling a page with two fingers in a web session$$$$$$Supported Platforms$$$$$$Windows 32-bit/64-bit 7/8/8.1/10/11$$$Windows Server 2008/2012/2016/2019/2022$$$$$$Mac Intel OS X 10.9 to 10.11; macOS 10.12 to 26$$$$$$Linux 32-bit and 64-bit$$$RHEL 6.0 to RHEL

NoMachine 9.3.7 now available for download$$$Luxembourg; December 18th; 2025$$$$$$NoMachine makes available new version 9 packages to provide updates to third party libraries shipped with NoMachine software and to fix a number of issues affecting previous versions. The nxhtd and libexpat libraries; now based on httpd 2.4.66 and expat v2.7.3; incorporate fixes for CVE-2025-65082 and CVE-2025-59375; respectively. Whilst NoMachine may not be directly impacted by these vulnerabilities; keeping library versions up to date is essential for overall security and compatibility. This release additionally implements improvements to NoMachines load-balancing custom algorithm by allowing NoMachine virtual desktops to be load-balanced among the nodes of an Enterprise Terminal Server according to the RAM usage on the nodes.$$$$$$These are the trouble reports solved by this 9.3.7 release:$$$$$$TR12W11654 - After a quick disconnection and reconnection; sometimes the sessions cannot be resumed$$$TR11W11633 - Cannot enter filename when copying a file to Ubuntu 24 in web sessions started from Chrome$$$TR11W11622 - Disabling all profile rules in some cases overrides all the other rules set$$$TR11W11634 - NoMachine LAN hosts are not showing or are slow to appear on player v.9.2$$$TR10W11617 - Unexpected exit of server daemon process after adding a license$$$TR11W11619 - Some applications dont work correctly in KDE Plasma when NoMachine 9.2 is installed$$$TR11W11627 - Connection notification should not be clickable when the server status is not accessible$$$TR12W11644 - Load-balancing of Linux virtual desktops may not work properly when Load average or system load algorithms are used$$$TR10W11586 - Black screen connecting to Rocky Linux 9 server$$$TR11W11618 - NoMachine RPM packages cannot be verified on recent RPM-based systems$$$TR12W11658 - NoMachine server is not handling password change requests properly with Red Hat SSSD

NoMachine 9.3.7 now available for download$$$Luxembourg; December 18th; 2025$$$$$$NoMachine makes available new version 9 packages to provide updates to third party libraries shipped with NoMachine software and to fix a number of issues affecting previous versions. The nxhtd and libexpat libraries; now based on httpd 2.4.66 and expat v2.7.3; incorporate fixes for CVE-2025-65082 and CVE-2025-59375; respectively. Whilst NoMachine may not be directly impacted by these vulnerabilities; keeping library versions up to date is essential for overall security and compatibility. This release additionally implements improvements to NoMachines load-balancing custom algorithm by allowing NoMachine virtual desktops to be load-balanced among the nodes of an Enterprise Terminal Server according to the RAM usage on the nodes.$$$$$$These are the trouble reports solved by this 9.3.7 release:$$$$$$TR12W11654 - After a quick disconnection and reconnection; sometimes the sessions cannot be resumed$$$TR11W11633 - Cannot enter filename when copying a file to Ubuntu 24 in web sessions started from Chrome$$$TR11W11622 - Disabling all profile rules in some cases overrides all the other rules set$$$TR11W11634 - NoMachine LAN hosts are not showing or are slow to appear on player v.9.2$$$TR10W11617 - Unexpected exit of server daemon process after adding a license$$$TR11W11619 - Some applications dont work correctly in KDE Plasma when NoMachine 9.2 is installed$$$TR11W11627 - Connection notification should not be clickable when the server status is not accessible$$$TR12W11644 - Load-balancing of Linux virtual desktops may not work properly when Load average or system load algorithms are used$$$TR10W11586 - Black screen connecting to Rocky Linux 9 server$$$TR11W11618 - NoMachine RPM packages cannot be verified on recent RPM-based systems$$$TR12W11658 - NoMachine server is not handling password change requests properly with Red Hat SSSD

Not provided by vendor$$$Refer-https://www.nomachine.com/all-news-software-updates

Not provided by vendor$$$Refer-https://www.nomachine.com/all-news-software-updates

Not provided by vendor$$$Refer-https://www.nomachine.com/all-news-software-updates

Not provided by vendor$$$Refer-https://www.nomachine.com/all-news-software-updates

Not provided by vendor$$$Refer-https://www.nomachine.com/all-news-software-updates

Not provided by vendor$$$Refer-https://www.nomachine.com/all-news-software-updates

Not provided by vendor$$$Refer-https://kb.nomachine.com/SU01W00263

Not provided by vendor$$$Refer-https://kb.nomachine.com/SU01W00263

Not provided by vendor$$$Refer-https://kb.nomachine.com/SU07V00259

Not provided by vendor$$$Refer-https://kb.nomachine.com/SU07V00259

Not provided by vendor$$$Refer-https://kb.nomachine.com/SU07V00255

Not provided by vendor$$$Refer-https://kb.nomachine.com/SU01V00253