Version 2.24 has several documented stability and security-related bugs that were addressed in the 2.25 pre-release builds:
), Windows may attempt to execute files at each space-separated segment. An attacker with write access to the root or parent directory can place a malicious executable (like C:\Program.exe SYSTEM privileges when the service restarts. Insecure File Permissions nssm-2.24 privilege escalation
When NSSM installs a service using the command: Version 2
: If the path to nssm.exe contains spaces and is not enclosed in quotes (e.g., C:\Program Files\App\nssm.exe ), Windows may attempt to execute files at every "space" in the path. An attacker can place a file like C:\Program.exe to intercept the service start and gain SYSTEM access. C:\Program Files\App\nssm.exe )