Nmap 7.98 Arrives with a Critical Security Fix and Major Upgrades
On August 21, the Nmap development team unveiled version 7.98 of their legendary tool. At first glance, it might appear to be just another update, yet this release carries particular significance for users of Windows and macOS.
At the heart of the update lies security. The Windows installer has been rebuilt on NSIS 3.11, effectively patching the critical vulnerability CVE-2025-43715, which previously allowed attackers to escalate privileges when launched under SYSTEM. Alongside this, the bundle now ships with updated versions of OpenSSL and Lua, while the Npcap driver has been advanced to version 1.83, improving compatibility, including full PPPoE support.
macOS users have not been overlooked. A longstanding issue — the cryptic “dnet: Failed to open device en0” message on launch — has finally been resolved once and for all.
The update also delivers substantial improvements to the networking engine itself. Developers fixed a buffer overflow in FTP relays, crashes in recursive DNS handling, and performance issues in TCP Connect scans, which previously could stall or crash the scanning process. Overall, the scanner is now more resilient when handling large numbers of sockets and more precise in processing DNS responses.
Enhancements extend to the Nmap Scripting Engine (NSE) as well. The ssh-brute script now supports keyboard-interactive authentication, while tls.lua has been refined for better handling of TLS 1.3, including post-quantum algorithms. Additional fixes improve interactions with DNS zones and SSL connections.
Finally, Zenmap and related utilities received important upgrades: Unicode issues were corrected, installation crashes eliminated, and stability improved. The interface also gained new translations, making the tool more accessible to a wider audience.
In essence, Nmap 7.98 stands as a clean, reliable release — one that closes critical gaps, strengthens compatibility with modern technologies, and makes scanning significantly more stable. For anyone engaged in network security, this is an update worth installing without hesitation.
