Dismissed suggestions Untriaged suggestions Draft issues Published issues Dismissed suggestions These automatic suggestions were dismissed after initial triaging. Restore to select a suggestion for a revision. CVE-2025-60202 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Favorites plugin <= 2.3.6 - Local File Inclusion vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kyle Phillips Favorites favorites allows PHP Local File Inclusion.This issue affects Favorites: from n/a through <= 2.3.6. favorites =<<= 2.3.6 pkgs.gnomeExtensions.panel-favorites Add launchers for Favorites to the panel nixos-25.05 52 nixpkgs-25.05-darwin 52 nixos-25.05-small 52 nixos-unstable 52 nixos-unstable-small 52 nixpkgs-unstable 52 pkgs.gnomeExtensions.favorites-to-applications-grid Keep your favorite applications in your applications grid. nixos-25.05 1 nixpkgs-25.05-darwin 1 nixos-25.05-small 1 nixos-unstable 1 nixos-unstable-small 1 nixpkgs-unstable 1 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page> CVE-2025-62034 8.8 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Togo theme < 1.0.4 - Privilege Escalation vulnerability Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. togo =<< 1.0.4 pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page> CVE-2025-58964 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Enzy theme < 1.6.4 - Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Enzy enzy allows Reflected XSS.This issue affects Enzy: from n/a through < 1.6.4. enzy =<< 1.6.4 pkgs.enzyme High-performance automatic differentiation of LLVM and MLIR nixos-25.05 0.0.176 nixpkgs-25.05-darwin 0.0.176 nixos-25.05-small 0.0.176 nixos-unstable 0.0.196 nixos-unstable-small 0.0.196 nixpkgs-unstable 0.0.196 pkgs.python312Packages.enzyme Python video metadata parser nixos-25.05 0.5.2 nixpkgs-25.05-darwin 0.5.2 nixos-25.05-small 0.5.2 nixos-unstable 0.5.2 nixos-unstable-small 0.5.2 nixpkgs-unstable 0.5.2 pkgs.python313Packages.enzyme Python video metadata parser nixos-25.05 0.5.2 nixpkgs-25.05-darwin 0.5.2 nixos-25.05-small 0.5.2 nixos-unstable 0.5.2 nixos-unstable-small 0.5.2 nixpkgs-unstable 0.5.2 Package maintainers: 1 @kiranshila Kiran Shila <me@kiranshila.com> CVE-2025-62033 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): NONE updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. togo =<< 1.0.4 pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page> CVE-2025-62037 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): NONE updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. togo =<< 1.0.4 pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page> CVE-2025-62036 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Togo theme < 1.0.4 - Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. togo =<< 1.0.4 pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page> CVE-2025-62035 8.8 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Togo theme < 1.0.4 - PHP Object Injection vulnerability Deserialization of Untrusted Data vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. togo =<< 1.0.4 pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page> CVE-2025-54721 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Resca theme <= 3.0.2 - Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Resca resca allows Reflected XSS.This issue affects Resca: from n/a through <= 3.0.2. resca =<<= 3.0.2 pkgs.jpegrescan Losslessly shrink any JPEG file nixos-25.05 2019-03-27 nixpkgs-25.05-darwin 2019-03-27 nixos-25.05-small 2019-03-27 nixos-unstable 2019-03-27 nixos-unstable-small 2019-03-27 nixpkgs-unstable 2019-03-27 Package maintainers: 1 @RamKromberg Ram Kromberg <ramkromberg@mail.com> CVE-2025-64277 5.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): LOW Availability impact (A): NONE updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress ChatBot plugin <= 7.3.9 - Broken Access Control vulnerability Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through <= 7.3.9. chatbot =<<= 7.3.9 pkgs.gnomeExtensions.penguin-ai-chatbot A GNOME Shell extension that provides a chatbot interface using various LLM providers, including Anthropic, OpenAI, Gemini, and OpenRouter. Features include multiple provider support, customizable models, chat history, customizable appearance, a keyboard shortcut, and copy-to-clipboard functionality. nixos-25.05 22 nixpkgs-25.05-darwin 22 nixos-25.05-small 22 nixos-unstable 22 nixos-unstable-small 22 nixpkgs-unstable 22 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page> CVE-2025-64259 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): NONE updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Theater for WordPress plugin <= 0.18.8 - Broken Access Control vulnerability Missing Authorization vulnerability in Jeroen Schmit Theater for WordPress theatre allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theater for WordPress: from n/a through <= 0.18.8. theatre =<<= 0.18.8 pkgs.haskellPackages.theatre-dev Minimalistic actor library experiments nixos-25.05 0.5.0.1 nixpkgs-25.05-darwin 0.5.0.1 nixos-25.05-small 0.5.0.1 nixos-unstable 0.5.0.1 nixos-unstable-small 0.5.0.1 nixpkgs-unstable 0.5.0.1
CVE-2025-60202 7.5 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): NONE Availability impact (A): NONE updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Favorites plugin <= 2.3.6 - Local File Inclusion vulnerability Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kyle Phillips Favorites favorites allows PHP Local File Inclusion.This issue affects Favorites: from n/a through <= 2.3.6. favorites =<<= 2.3.6 pkgs.gnomeExtensions.panel-favorites Add launchers for Favorites to the panel nixos-25.05 52 nixpkgs-25.05-darwin 52 nixos-25.05-small 52 nixos-unstable 52 nixos-unstable-small 52 nixpkgs-unstable 52 pkgs.gnomeExtensions.favorites-to-applications-grid Keep your favorite applications in your applications grid. nixos-25.05 1 nixpkgs-25.05-darwin 1 nixos-25.05-small 1 nixos-unstable 1 nixos-unstable-small 1 nixpkgs-unstable 1 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.panel-favorites Add launchers for Favorites to the panel nixos-25.05 52 nixpkgs-25.05-darwin 52 nixos-25.05-small 52 nixos-unstable 52 nixos-unstable-small 52 nixpkgs-unstable 52
pkgs.gnomeExtensions.favorites-to-applications-grid Keep your favorite applications in your applications grid. nixos-25.05 1 nixpkgs-25.05-darwin 1 nixos-25.05-small 1 nixos-unstable 1 nixos-unstable-small 1 nixpkgs-unstable 1
CVE-2025-62034 8.8 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Togo theme < 1.0.4 - Privilege Escalation vulnerability Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. togo =<< 1.0.4 pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3
CVE-2025-58964 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Enzy theme < 1.6.4 - Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Enzy enzy allows Reflected XSS.This issue affects Enzy: from n/a through < 1.6.4. enzy =<< 1.6.4 pkgs.enzyme High-performance automatic differentiation of LLVM and MLIR nixos-25.05 0.0.176 nixpkgs-25.05-darwin 0.0.176 nixos-25.05-small 0.0.176 nixos-unstable 0.0.196 nixos-unstable-small 0.0.196 nixpkgs-unstable 0.0.196 pkgs.python312Packages.enzyme Python video metadata parser nixos-25.05 0.5.2 nixpkgs-25.05-darwin 0.5.2 nixos-25.05-small 0.5.2 nixos-unstable 0.5.2 nixos-unstable-small 0.5.2 nixpkgs-unstable 0.5.2 pkgs.python313Packages.enzyme Python video metadata parser nixos-25.05 0.5.2 nixpkgs-25.05-darwin 0.5.2 nixos-25.05-small 0.5.2 nixos-unstable 0.5.2 nixos-unstable-small 0.5.2 nixpkgs-unstable 0.5.2 Package maintainers: 1 @kiranshila Kiran Shila <me@kiranshila.com>
pkgs.enzyme High-performance automatic differentiation of LLVM and MLIR nixos-25.05 0.0.176 nixpkgs-25.05-darwin 0.0.176 nixos-25.05-small 0.0.176 nixos-unstable 0.0.196 nixos-unstable-small 0.0.196 nixpkgs-unstable 0.0.196
pkgs.python312Packages.enzyme Python video metadata parser nixos-25.05 0.5.2 nixpkgs-25.05-darwin 0.5.2 nixos-25.05-small 0.5.2 nixos-unstable 0.5.2 nixos-unstable-small 0.5.2 nixpkgs-unstable 0.5.2
pkgs.python313Packages.enzyme Python video metadata parser nixos-25.05 0.5.2 nixpkgs-25.05-darwin 0.5.2 nixos-25.05-small 0.5.2 nixos-unstable 0.5.2 nixos-unstable-small 0.5.2 nixpkgs-unstable 0.5.2
CVE-2025-62033 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): NONE updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. togo =<< 1.0.4 pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3
CVE-2025-62037 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): NONE updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. togo =<< 1.0.4 pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3
CVE-2025-62036 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Togo theme < 1.0.4 - Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. togo =<< 1.0.4 pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3
CVE-2025-62035 8.8 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): LOW User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): HIGH Integrity impact (I): HIGH Availability impact (A): HIGH updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Togo theme < 1.0.4 - PHP Object Injection vulnerability Deserialization of Untrusted Data vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. togo =<< 1.0.4 pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.cryptogoldbitcoin-rate it just shows the rate of crypto gold(bitcoin) The extension uses coingecko services nixos-25.05 3 nixpkgs-25.05-darwin 3 nixos-25.05-small 3 nixos-unstable 3 nixos-unstable-small 3 nixpkgs-unstable 3
CVE-2025-54721 7.1 HIGH CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): CHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): LOW updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Resca theme <= 3.0.2 - Cross Site Scripting (XSS) vulnerability Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Resca resca allows Reflected XSS.This issue affects Resca: from n/a through <= 3.0.2. resca =<<= 3.0.2 pkgs.jpegrescan Losslessly shrink any JPEG file nixos-25.05 2019-03-27 nixpkgs-25.05-darwin 2019-03-27 nixos-25.05-small 2019-03-27 nixos-unstable 2019-03-27 nixos-unstable-small 2019-03-27 nixpkgs-unstable 2019-03-27 Package maintainers: 1 @RamKromberg Ram Kromberg <ramkromberg@mail.com>
pkgs.jpegrescan Losslessly shrink any JPEG file nixos-25.05 2019-03-27 nixpkgs-25.05-darwin 2019-03-27 nixos-25.05-small 2019-03-27 nixos-unstable 2019-03-27 nixos-unstable-small 2019-03-27 nixpkgs-unstable 2019-03-27
CVE-2025-64277 5.3 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): LOW Availability impact (A): NONE updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress ChatBot plugin <= 7.3.9 - Broken Access Control vulnerability Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through <= 7.3.9. chatbot =<<= 7.3.9 pkgs.gnomeExtensions.penguin-ai-chatbot A GNOME Shell extension that provides a chatbot interface using various LLM providers, including Anthropic, OpenAI, Gemini, and OpenRouter. Features include multiple provider support, customizable models, chat history, customizable appearance, a keyboard shortcut, and copy-to-clipboard functionality. nixos-25.05 22 nixpkgs-25.05-darwin 22 nixos-25.05-small 22 nixos-unstable 22 nixos-unstable-small 22 nixpkgs-unstable 22 Package maintainers: 1 @honnip Jung seungwoo <me@honnip.page>
pkgs.gnomeExtensions.penguin-ai-chatbot A GNOME Shell extension that provides a chatbot interface using various LLM providers, including Anthropic, OpenAI, Gemini, and OpenRouter. Features include multiple provider support, customizable models, chat history, customizable appearance, a keyboard shortcut, and copy-to-clipboard functionality. nixos-25.05 22 nixpkgs-25.05-darwin 22 nixos-25.05-small 22 nixos-unstable 22 nixos-unstable-small 22 nixpkgs-unstable 22
CVE-2025-64259 6.5 MEDIUM CVSS version: 3.1 Attack vector (AV): NETWORK Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): NONE Scope (S): UNCHANGED Confidentiality impact (C): LOW Integrity impact (I): LOW Availability impact (A): NONE updated 6 days, 14 hours ago by @LeSuisse Activity log Created automatic suggestion 2 weeks, 2 days ago @LeSuisse dismissed 6 days, 14 hours ago WordPress Theater for WordPress plugin <= 0.18.8 - Broken Access Control vulnerability Missing Authorization vulnerability in Jeroen Schmit Theater for WordPress theatre allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theater for WordPress: from n/a through <= 0.18.8. theatre =<<= 0.18.8 pkgs.haskellPackages.theatre-dev Minimalistic actor library experiments nixos-25.05 0.5.0.1 nixpkgs-25.05-darwin 0.5.0.1 nixos-25.05-small 0.5.0.1 nixos-unstable 0.5.0.1 nixos-unstable-small 0.5.0.1 nixpkgs-unstable 0.5.0.1
pkgs.haskellPackages.theatre-dev Minimalistic actor library experiments nixos-25.05 0.5.0.1 nixpkgs-25.05-darwin 0.5.0.1 nixos-25.05-small 0.5.0.1 nixos-unstable 0.5.0.1 nixos-unstable-small 0.5.0.1 nixpkgs-unstable 0.5.0.1