app-builder-lib is vulnerable to Privilege escalation. The vulnerability is due to NSExec searching the current directory of the installer before searching the system’s PATH when making a system call to open cmd.exe in the .nsh installer script. This flaw allows an attacker to exploit the situation by placing a malicious executable file named cmd.exe in the same folder as the installer, leading to the execution of the malicious file.