diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc
index 0a4a7f2dc..274313bac 100644
--- a/etc/inc/disable-common.inc
+++ b/etc/inc/disable-common.inc
@@ -346,6 +346,7 @@ read-only ${HOME}/.config/mpv
 read-only ${HOME}/.config/msmtp
 read-only ${HOME}/.config/nano
 read-only ${HOME}/.config/ncmpcpp/config
+read-only ${HOME}/.config/nsxiv/exec
 read-only ${HOME}/.config/nvim
 read-only ${HOME}/.config/pkcs11
 read-only ${HOME}/.dotfiles
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
index 6a435ebd5..eba64f9ba 100644
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@@ -193,6 +193,7 @@ blacklist ${HOME}/.cache/mypaint
 blacklist ${HOME}/.cache/netsurf
 blacklist ${HOME}/.cache/nheko
 blacklist ${HOME}/.cache/nhex
+blacklist ${HOME}/.cache/nsxiv
 blacklist ${HOME}/.cache/nvim
 blacklist ${HOME}/.cache/ocenaudio
 blacklist ${HOME}/.cache/okular
@@ -598,6 +599,7 @@ blacklist ${HOME}/.config/newsboat
 blacklist ${HOME}/.config/newsflash
 blacklist ${HOME}/.config/nheko
 blacklist ${HOME}/.config/nomacs
+blacklist ${HOME}/.config/nsxiv
 blacklist ${HOME}/.config/nuclear
 blacklist ${HOME}/.config/nvim
 blacklist ${HOME}/.config/obs-studio
diff --git a/etc/profile-m-z/nsxiv.profile b/etc/profile-m-z/nsxiv.profile
new file mode 100644
index 000000000..0537a1f34
--- /dev/null
+++ b/etc/profile-m-z/nsxiv.profile
@@ -0,0 +1,57 @@
+# Firejail profile for nsxiv
+# Description: Neo Simple X Image Viewer
+# This file is overwritten after every install/update
+quiet
+# Persistent local customizations
+include nsxiv.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${HOME}/.cache/nsxiv
+noblacklist ${HOME}/.config/nsxiv
+
+# Allow /bin/sh (blacklisted by disable-shell.inc)
+include allow-bin-sh.inc
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-proc.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-write-mnt.inc
+
+include whitelist-run-common.inc
+include whitelist-runuser-common.inc
+
+apparmor
+caps.drop all
+machine-id
+net none
+no3d
+nodvd
+nogroups
+noinput
+nonewprivs
+noprinters
+noroot
+nosound
+notpm
+notv
+nou2f
+novideo
+seccomp
+seccomp.block-secondary
+
+private-cache
+private-dev
+private-etc
+private-tmp
+
+dbus-user none
+dbus-system none
+
+deterministic-shutdown
+memory-deny-write-execute
+read-only ${HOME}
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index 93b738f8b..28fba7e93 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -667,6 +667,7 @@ nitroshare-ui
 nomacs
 notable
 nslookup
+nsxiv
 nuclear
 nylas
 nyx
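Review bot: `include allow-bin-sh.inc` in nsxiv.profile puts a shell back into an otherwise tightly locked-down sandbox, and the comment above it records what is allowed but not why. Presumably it is there for the hook scripts under `${HOME}/.config/nsxiv/exec` (the directory the disable-common.inc hunk makes read-only for other sandboxes); if so, say it, e.g. `# nsxiv runs the scripts in ${HOME}/.config/nsxiv/exec, which need /bin/sh`. The profile also includes `disable-exec.inc`, which as far as I know mounts `${HOME}` noexec, so it is worth confirming that those scripts actually run inside the sandbox; if they cannot, drop the include rather than leave a shell reachable for no benefit. Separately, `private-cache` appears to make `noblacklist ${HOME}/.cache/nsxiv` ineffective for persistent thumbnails, which deserves a one-line comment or the removal of one of the two.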