The Nixpkgs Security Tracker is a web service for managing information on vulnerabilities in software distributed through Nixpkgs and NixOS. It operates on the following distinctions:

• Untriaged suggestions are automatically generated matches between a CVE and Nixpkgs derivations.
• Dismissed suggestions are CVEs that already were classified by a human as not affecting Nixpkgs.
• Draft issues are matches between a CVE and Nixpkgs attributes that were selected as security relevant. They are slated to be published as a GitHub issue, but might need further refinement.
• Published issues have a persistent identifier and link to GitHub issues, which are used for notifications and coordinating mitigation.