Dismissed suggestions Untriaged suggestions Draft issues Published issues Dismissed suggestions These automatic suggestions were dismissed after initial triaging. Restore to select a suggestion for a revision. CVE-2025-60093 4.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): LOW Availability impact (A): NONE updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Download Manager Plugin <= 3.3.24 - Cross Site Request Forgery (CSRF) Vulnerability Cross-Site Request Forgery (CSRF) vulnerability in Shahjada Download Manager allows Cross Site Request Forgery. This issue affects Download Manager: from n/a through 3.3.24. download-manager =<3.3.24 pkgs.lomiri.lomiri-download-manager Performs uploads and downloads from a centralized location nixos-25.05 0.2.1 nixpkgs-25.05-darwin 0.2.1 nixos-25.05-small 0.2.1 nixos-unstable 0.2.1 nixos-unstable-small 0.2.1 nixpkgs-unstable 0.2.1 Package maintainers: 1 @OPNA2608 Cosima Neidahl <opna2608@protonmail.com> CVE-2025-60092 5.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): NONE Availability impact (A): NONE updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Download Manager Plugin <= 3.3.24 - Sensitive Data Exposure Vulnerability Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Shahjada Download Manager allows Retrieve Embedded Sensitive Data. This issue affects Download Manager: from n/a through 3.3.24. download-manager =<3.3.24 pkgs.lomiri.lomiri-download-manager Performs uploads and downloads from a centralized location nixos-25.05 0.2.1 nixpkgs-25.05-darwin 0.2.1 nixos-25.05-small 0.2.1 nixos-unstable 0.2.1 nixos-unstable-small 0.2.1 nixpkgs-unstable 0.2.1 Package maintainers: 1 @OPNA2608 Cosima Neidahl <opna2608@protonmail.com> CVE-2025-60165 4.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): LOW Availability impact (A): NONE updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Frames Theme <= 1.5.7 - Broken Access Control Vulnerability Missing Authorization vulnerability in HaruTheme Frames allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Frames: from n/a through 1.5.7. frames =<1.5.7 pkgs.framesh Native web3 interface that lets you sign data, securely manage accounts and transparently interact with dapps via web3 protocols like Ethereum and IPFS nixos-25.05 0.6.11 nixpkgs-25.05-darwin 0.6.11 nixos-25.05-small 0.6.11 nixos-unstable 0.6.11 nixos-unstable-small 0.6.11 nixpkgs-unstable 0.6.11 pkgs.haskellPackages.javelin-frames Type-safe data frames based on higher-kinded types nixos-25.05 0.1.0.1 nixpkgs-25.05-darwin 0.1.0.1 nixos-25.05-small 0.1.0.1 nixos-unstable 0.1.0.1 nixos-unstable-small 0.1.0.1 nixpkgs-unstable 0.1.0.1 pkgs.python312Packages.llm-video-frames LLM plugin to turn a video into individual frames nixos-unstable 0.1 nixos-unstable-small 0.1 nixpkgs-unstable 0.1 pkgs.python313Packages.llm-video-frames LLM plugin to turn a video into individual frames nixos-unstable 0.1 nixos-unstable-small 0.1 nixpkgs-unstable 0.1 Package maintainers: 2 @0xnook Tom Nook <0xnook@protonmail.com> @philiptaron Philip Taron <philip.taron@gmail.com> CVE-2025-62952 8.8 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress ChatBot plugin <= 7.3.0 - Broken Access Control vulnerability Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through <= 7.3.0. chatbot =<<= 7.3.0 pkgs.gnomeExtensions.penguin-ai-chatbot A GNOME Shell extension that provides a chatbot interface using various LLM providers, including Anthropic, OpenAI, Gemini, and OpenRouter. Features include multiple provider support, customizable models, chat history, customizable appearance, a keyboard shortcut, and copy-to-clipboard functionality. nixos-25.05 22 nixpkgs-25.05-darwin 22 nixos-25.05-small 22 nixos-unstable 22 nixos-unstable-small 22 nixpkgs-unstable 22 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page> CVE-2025-64228 4.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): NONE Availability impact (A): NONE updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress SUMO Affiliates Pro plugin <= 11.0.0 - Sensitive Data Exposure vulnerability Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Retrieve Embedded Sensitive Data.This issue affects SUMO Affiliates Pro: from n/a through <= 11.0.0. affs =<<= 11.0.0 pkgs.unyaffs Tool to extract files from a YAFFS2 file system image nixos-25.05 0.9 nixpkgs-25.05-darwin 0.9 nixos-25.05-small 0.9 nixos-unstable 0.9 nixos-unstable-small 0.9 nixpkgs-unstable 0.9 pkgs.yaffshiv Simple YAFFS file system parser and extractor nixos-25.05 0-unstable-2024-08-30 nixpkgs-25.05-darwin 0-unstable-2024-08-30 nixos-25.05-small 0-unstable-2024-08-30 nixos-unstable 0-unstable-2024-08-30 nixos-unstable-small 0-unstable-2024-08-30 nixpkgs-unstable 0-unstable-2024-08-30 Package maintainers: 2 @stigtsp Stig Palmquist <stig@stig.io> @KSJ2000 KSJ2000 <katsho123@outlook.com> CVE-2025-64354 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Gutenberg plugin <= 21.8.2 - Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matias Ventura Gutenberg gutenberg allows Stored XSS.This issue affects Gutenberg: from n/a through <= 21.8.2. gutenberg =<<= 21.8.2 pkgs.nltk-data.gutenberg NLTK Data nixos-unstable 0-unstable-2024-07-29 nixos-unstable-small 0-unstable-2024-07-29 nixpkgs-unstable 0-unstable-2024-07-29 pkgs.wordpressPackages.plugins.gutenberg nixos-25.05 20.6.0 nixpkgs-25.05-darwin 20.6.0 nixos-25.05-small 20.6.0 nixos-unstable 20.6.0 nixos-unstable-small 20.6.0 nixpkgs-unstable 20.6.0 pkgs.haskellPackages.gutenberg-fibonaccis The first 1001 Fibonacci numbers, retrieved from the Gutenberg Project nixos-25.05 1.1.0 nixpkgs-25.05-darwin 1.1.0 nixos-25.05-small 1.1.0 nixos-unstable 1.1.0 nixos-unstable-small 1.1.0 nixpkgs-unstable 1.1.0 Package maintainers: 2 @bengsparks Ben Sparks <benjamin.sparks@protonmail.com> @happysalada Raphael Megzari <raphael@megzari.com> CVE-2025-60202 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Favorites plugin <= 2.3.6 - Local File Inclusion vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kyle Phillips Favorites favorites allows PHP Local File Inclusion.This issue affects Favorites: from n/a through <= 2.3.6. favorites =<<= 2.3.6 pkgs.gnomeExtensions.panel-favorites Add launchers for Favorites to the panel nixos-25.05 52 nixpkgs-25.05-darwin 52 nixos-25.05-small 52 nixos-unstable 52 nixos-unstable-small 52 nixpkgs-unstable 52 pkgs.gnomeExtensions.favorites-to-applications-grid Keep your favorite applications in your applications grid. nixos-25.05 1 nixpkgs-25.05-darwin 1 nixos-25.05-small 1 nixos-unstable 1 nixos-unstable-small 1 nixpkgs-unstable 1 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page> CVE-2025-62034 8.8 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Togo theme < 1.0.4 - Privilege Escalation vulnerability Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. togo =<< 1.0.4 pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page> CVE-2025-58964 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Enzy theme < 1.6.4 - Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Enzy enzy allows Reflected XSS.This issue affects Enzy: from n/a through < 1.6.4. enzy =<< 1.6.4 pkgs.enzyme High-performance automatic differentiation of LLVM and MLIR nixos-25.05 0.0.176 nixpkgs-25.05-darwin 0.0.176 nixos-25.05-small 0.0.176 nixos-unstable 0.0.196 nixos-unstable-small 0.0.196 nixpkgs-unstable 0.0.196 pkgs.python312Packages.enzyme Python video metadata parser nixos-25.05 0.5.2 nixpkgs-25.05-darwin 0.5.2 nixos-25.05-small 0.5.2 nixos-unstable 0.5.2 nixos-unstable-small 0.5.2 nixpkgs-unstable 0.5.2 pkgs.python313Packages.enzyme Python video metadata parser nixos-25.05 0.5.2 nixpkgs-25.05-darwin 0.5.2 nixos-25.05-small 0.5.2 nixos-unstable 0.5.2 nixos-unstable-small 0.5.2 nixpkgs-unstable 0.5.2 Package maintainers: 1 @kiranshila Kiran Shila <me@kiranshila.com> CVE-2025-62033 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): NONE updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. togo =<< 1.0.4 pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
CVE-2025-60093 4.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): LOW Availability impact (A): NONE updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Download Manager Plugin <= 3.3.24 - Cross Site Request Forgery (CSRF) Vulnerability Cross-Site Request Forgery (CSRF) vulnerability in Shahjada Download Manager allows Cross Site Request Forgery. This issue affects Download Manager: from n/a through 3.3.24. download-manager =<3.3.24 pkgs.lomiri.lomiri-download-manager Performs uploads and downloads from a centralized location nixos-25.05 0.2.1 nixpkgs-25.05-darwin 0.2.1 nixos-25.05-small 0.2.1 nixos-unstable 0.2.1 nixos-unstable-small 0.2.1 nixpkgs-unstable 0.2.1 Package maintainers: 1 @OPNA2608 Cosima Neidahl <opna2608@protonmail.com>
pkgs.lomiri.lomiri-download-manager Performs uploads and downloads from a centralized location nixos-25.05 0.2.1 nixpkgs-25.05-darwin 0.2.1 nixos-25.05-small 0.2.1 nixos-unstable 0.2.1 nixos-unstable-small 0.2.1 nixpkgs-unstable 0.2.1
CVE-2025-60092 5.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): NONE Availability impact (A): NONE updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Download Manager Plugin <= 3.3.24 - Sensitive Data Exposure Vulnerability Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Shahjada Download Manager allows Retrieve Embedded Sensitive Data. This issue affects Download Manager: from n/a through 3.3.24. download-manager =<3.3.24 pkgs.lomiri.lomiri-download-manager Performs uploads and downloads from a centralized location nixos-25.05 0.2.1 nixpkgs-25.05-darwin 0.2.1 nixos-25.05-small 0.2.1 nixos-unstable 0.2.1 nixos-unstable-small 0.2.1 nixpkgs-unstable 0.2.1 Package maintainers: 1 @OPNA2608 Cosima Neidahl <opna2608@protonmail.com>
pkgs.lomiri.lomiri-download-manager Performs uploads and downloads from a centralized location nixos-25.05 0.2.1 nixpkgs-25.05-darwin 0.2.1 nixos-25.05-small 0.2.1 nixos-unstable 0.2.1 nixos-unstable-small 0.2.1 nixpkgs-unstable 0.2.1
CVE-2025-60165 4.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): LOW Availability impact (A): NONE updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Frames Theme <= 1.5.7 - Broken Access Control Vulnerability Missing Authorization vulnerability in HaruTheme Frames allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Frames: from n/a through 1.5.7. frames =<1.5.7 pkgs.framesh Native web3 interface that lets you sign data, securely manage accounts and transparently interact with dapps via web3 protocols like Ethereum and IPFS nixos-25.05 0.6.11 nixpkgs-25.05-darwin 0.6.11 nixos-25.05-small 0.6.11 nixos-unstable 0.6.11 nixos-unstable-small 0.6.11 nixpkgs-unstable 0.6.11 pkgs.haskellPackages.javelin-frames Type-safe data frames based on higher-kinded types nixos-25.05 0.1.0.1 nixpkgs-25.05-darwin 0.1.0.1 nixos-25.05-small 0.1.0.1 nixos-unstable 0.1.0.1 nixos-unstable-small 0.1.0.1 nixpkgs-unstable 0.1.0.1 pkgs.python312Packages.llm-video-frames LLM plugin to turn a video into individual frames nixos-unstable 0.1 nixos-unstable-small 0.1 nixpkgs-unstable 0.1 pkgs.python313Packages.llm-video-frames LLM plugin to turn a video into individual frames nixos-unstable 0.1 nixos-unstable-small 0.1 nixpkgs-unstable 0.1 Package maintainers: 2 @0xnook Tom Nook <0xnook@protonmail.com> @philiptaron Philip Taron <philip.taron@gmail.com>
pkgs.framesh Native web3 interface that lets you sign data, securely manage accounts and transparently interact with dapps via web3 protocols like Ethereum and IPFS nixos-25.05 0.6.11 nixpkgs-25.05-darwin 0.6.11 nixos-25.05-small 0.6.11 nixos-unstable 0.6.11 nixos-unstable-small 0.6.11 nixpkgs-unstable 0.6.11
pkgs.haskellPackages.javelin-frames Type-safe data frames based on higher-kinded types nixos-25.05 0.1.0.1 nixpkgs-25.05-darwin 0.1.0.1 nixos-25.05-small 0.1.0.1 nixos-unstable 0.1.0.1 nixos-unstable-small 0.1.0.1 nixpkgs-unstable 0.1.0.1
pkgs.python312Packages.llm-video-frames LLM plugin to turn a video into individual frames nixos-unstable 0.1 nixos-unstable-small 0.1 nixpkgs-unstable 0.1
pkgs.python313Packages.llm-video-frames LLM plugin to turn a video into individual frames nixos-unstable 0.1 nixos-unstable-small 0.1 nixpkgs-unstable 0.1
CVE-2025-62952 8.8 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress ChatBot plugin <= 7.3.0 - Broken Access Control vulnerability Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through <= 7.3.0. chatbot =<<= 7.3.0 pkgs.gnomeExtensions.penguin-ai-chatbot A GNOME Shell extension that provides a chatbot interface using various LLM providers, including Anthropic, OpenAI, Gemini, and OpenRouter. Features include multiple provider support, customizable models, chat history, customizable appearance, a keyboard shortcut, and copy-to-clipboard functionality. nixos-25.05 22 nixpkgs-25.05-darwin 22 nixos-25.05-small 22 nixos-unstable 22 nixos-unstable-small 22 nixpkgs-unstable 22 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.penguin-ai-chatbot A GNOME Shell extension that provides a chatbot interface using various LLM providers, including Anthropic, OpenAI, Gemini, and OpenRouter. Features include multiple provider support, customizable models, chat history, customizable appearance, a keyboard shortcut, and copy-to-clipboard functionality. nixos-25.05 22 nixpkgs-25.05-darwin 22 nixos-25.05-small 22 nixos-unstable 22 nixos-unstable-small 22 nixpkgs-unstable 22
CVE-2025-64228 4.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): NONE Availability impact (A): NONE updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress SUMO Affiliates Pro plugin <= 11.0.0 - Sensitive Data Exposure vulnerability Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Retrieve Embedded Sensitive Data.This issue affects SUMO Affiliates Pro: from n/a through <= 11.0.0. affs =<<= 11.0.0 pkgs.unyaffs Tool to extract files from a YAFFS2 file system image nixos-25.05 0.9 nixpkgs-25.05-darwin 0.9 nixos-25.05-small 0.9 nixos-unstable 0.9 nixos-unstable-small 0.9 nixpkgs-unstable 0.9 pkgs.yaffshiv Simple YAFFS file system parser and extractor nixos-25.05 0-unstable-2024-08-30 nixpkgs-25.05-darwin 0-unstable-2024-08-30 nixos-25.05-small 0-unstable-2024-08-30 nixos-unstable 0-unstable-2024-08-30 nixos-unstable-small 0-unstable-2024-08-30 nixpkgs-unstable 0-unstable-2024-08-30 Package maintainers: 2 @stigtsp Stig Palmquist <stig@stig.io> @KSJ2000 KSJ2000 <katsho123@outlook.com>
pkgs.unyaffs Tool to extract files from a YAFFS2 file system image nixos-25.05 0.9 nixpkgs-25.05-darwin 0.9 nixos-25.05-small 0.9 nixos-unstable 0.9 nixos-unstable-small 0.9 nixpkgs-unstable 0.9
pkgs.yaffshiv Simple YAFFS file system parser and extractor nixos-25.05 0-unstable-2024-08-30 nixpkgs-25.05-darwin 0-unstable-2024-08-30 nixos-25.05-small 0-unstable-2024-08-30 nixos-unstable 0-unstable-2024-08-30 nixos-unstable-small 0-unstable-2024-08-30 nixpkgs-unstable 0-unstable-2024-08-30
CVE-2025-64354 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Gutenberg plugin <= 21.8.2 - Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matias Ventura Gutenberg gutenberg allows Stored XSS.This issue affects Gutenberg: from n/a through <= 21.8.2. gutenberg =<<= 21.8.2 pkgs.nltk-data.gutenberg NLTK Data nixos-unstable 0-unstable-2024-07-29 nixos-unstable-small 0-unstable-2024-07-29 nixpkgs-unstable 0-unstable-2024-07-29 pkgs.wordpressPackages.plugins.gutenberg nixos-25.05 20.6.0 nixpkgs-25.05-darwin 20.6.0 nixos-25.05-small 20.6.0 nixos-unstable 20.6.0 nixos-unstable-small 20.6.0 nixpkgs-unstable 20.6.0 pkgs.haskellPackages.gutenberg-fibonaccis The first 1001 Fibonacci numbers, retrieved from the Gutenberg Project nixos-25.05 1.1.0 nixpkgs-25.05-darwin 1.1.0 nixos-25.05-small 1.1.0 nixos-unstable 1.1.0 nixos-unstable-small 1.1.0 nixpkgs-unstable 1.1.0 Package maintainers: 2 @bengsparks Ben Sparks <benjamin.sparks@protonmail.com> @happysalada Raphael Megzari <raphael@megzari.com>
pkgs.nltk-data.gutenberg NLTK Data nixos-unstable 0-unstable-2024-07-29 nixos-unstable-small 0-unstable-2024-07-29 nixpkgs-unstable 0-unstable-2024-07-29
pkgs.wordpressPackages.plugins.gutenberg nixos-25.05 20.6.0 nixpkgs-25.05-darwin 20.6.0 nixos-25.05-small 20.6.0 nixos-unstable 20.6.0 nixos-unstable-small 20.6.0 nixpkgs-unstable 20.6.0
pkgs.haskellPackages.gutenberg-fibonaccis The first 1001 Fibonacci numbers, retrieved from the Gutenberg Project nixos-25.05 1.1.0 nixpkgs-25.05-darwin 1.1.0 nixos-25.05-small 1.1.0 nixos-unstable 1.1.0 nixos-unstable-small 1.1.0 nixpkgs-unstable 1.1.0
CVE-2025-60202 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Favorites plugin <= 2.3.6 - Local File Inclusion vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kyle Phillips Favorites favorites allows PHP Local File Inclusion.This issue affects Favorites: from n/a through <= 2.3.6. favorites =<<= 2.3.6 pkgs.gnomeExtensions.panel-favorites Add launchers for Favorites to the panel nixos-25.05 52 nixpkgs-25.05-darwin 52 nixos-25.05-small 52 nixos-unstable 52 nixos-unstable-small 52 nixpkgs-unstable 52 pkgs.gnomeExtensions.favorites-to-applications-grid Keep your favorite applications in your applications grid. nixos-25.05 1 nixpkgs-25.05-darwin 1 nixos-25.05-small 1 nixos-unstable 1 nixos-unstable-small 1 nixpkgs-unstable 1 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.panel-favorites Add launchers for Favorites to the panel nixos-25.05 52 nixpkgs-25.05-darwin 52 nixos-25.05-small 52 nixos-unstable 52 nixos-unstable-small 52 nixpkgs-unstable 52
pkgs.gnomeExtensions.favorites-to-applications-grid Keep your favorite applications in your applications grid. nixos-25.05 1 nixpkgs-25.05-darwin 1 nixos-25.05-small 1 nixos-unstable 1 nixos-unstable-small 1 nixpkgs-unstable 1
CVE-2025-62034 8.8 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Togo theme < 1.0.4 - Privilege Escalation vulnerability Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. togo =<< 1.0.4 pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3
CVE-2025-58964 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Enzy theme < 1.6.4 - Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Enzy enzy allows Reflected XSS.This issue affects Enzy: from n/a through < 1.6.4. enzy =<< 1.6.4 pkgs.enzyme High-performance automatic differentiation of LLVM and MLIR nixos-25.05 0.0.176 nixpkgs-25.05-darwin 0.0.176 nixos-25.05-small 0.0.176 nixos-unstable 0.0.196 nixos-unstable-small 0.0.196 nixpkgs-unstable 0.0.196 pkgs.python312Packages.enzyme Python video metadata parser nixos-25.05 0.5.2 nixpkgs-25.05-darwin 0.5.2 nixos-25.05-small 0.5.2 nixos-unstable 0.5.2 nixos-unstable-small 0.5.2 nixpkgs-unstable 0.5.2 pkgs.python313Packages.enzyme Python video metadata parser nixos-25.05 0.5.2 nixpkgs-25.05-darwin 0.5.2 nixos-25.05-small 0.5.2 nixos-unstable 0.5.2 nixos-unstable-small 0.5.2 nixpkgs-unstable 0.5.2 Package maintainers: 1 @kiranshila Kiran Shila <me@kiranshila.com>
pkgs.enzyme High-performance automatic differentiation of LLVM and MLIR nixos-25.05 0.0.176 nixpkgs-25.05-darwin 0.0.176 nixos-25.05-small 0.0.176 nixos-unstable 0.0.196 nixos-unstable-small 0.0.196 nixpkgs-unstable 0.0.196
pkgs.python312Packages.enzyme Python video metadata parser nixos-25.05 0.5.2 nixpkgs-25.05-darwin 0.5.2 nixos-25.05-small 0.5.2 nixos-unstable 0.5.2 nixos-unstable-small 0.5.2 nixpkgs-unstable 0.5.2
pkgs.python313Packages.enzyme Python video metadata parser nixos-25.05 0.5.2 nixpkgs-25.05-darwin 0.5.2 nixos-25.05-small 0.5.2 nixos-unstable 0.5.2 nixos-unstable-small 0.5.2 nixpkgs-unstable 0.5.2
CVE-2025-62033 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): NONE updated 3 days, 7 hours ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse dismissed 3 days, 7 hours ago WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. togo =<< 1.0.4 pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3