Nixpkgs security tracker

Published issues

All published security issues are tracked and resolved on GitHub.

NIXPKGS-2026-1986
published 12 hours ago
OpenColorIO vulnerable to stack buffer overflow via unbounded `sscanf %s` in Spi3D (.spi3d) LUT parser
CVE-2026-42450
8.4 HIGH
  • CVSS version (CVSS): 4.0
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Attack Requirement (AT): None (N)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Active (A)
  • Vulnerable System Impact Confidentiality (VC): High (H)
  • Vulnerable System Impact Integrity (VI): High (H)
  • Vulnerable System Impact Availability (VA): High (H)
  • Subsequent System Impact Confidentiality (SC): None (N)
  • Subsequent System Impact Integrity (SI): None (N)
  • Subsequent System Impact Availability (SA): None (N)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Attack Requirement (MAT): None (N)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Active (A)
  • Modified Vulnerable System Impact Confidentiality (MVC): High (H)
  • Modified Vulnerable System Impact Integrity (MVI): High (H)
  • Modified Vulnerable System Impact Availability (MVA): High (H)
  • Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
  • Modified Subsequent System Impact Integrity (MSI): Negligible (N)
  • Modified Subsequent System Impact Availability (MSA): Negligible (N)
  • Safety (S): Not Defined (X)
  • Automatable (AU): Not Defined (X)
  • Recovery (R): Not Defined (X)
  • Value Density (V): Not Defined (X)
  • Vulnerability Response Effort (RE): Not Defined (X)
  • Provider Urgency (U): Not Defined (X)
  • Confidentiality Req. (CR): Not Defined (X)
  • Integrity Req. (IR): Not Defined (X)
  • Availability Req. (AR): Not Defined (X)
  • Exploit Maturity (E): Not Defined (X)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored package opencolorio_1
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

OpenColorIO vulnerable to stack buffer overflow via unbounded `sscanf %s` in Spi3D (.spi3d) LUT parser


OpenColorIO
  • ==< 2.5.2
NIXPKGS-2026-1985
published 12 hours ago
motionEye: World-Readable Configuration File Exposes Admin Password Hash
CVE-2026-32315
5.5 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): None (N)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): None (N)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored
    4 packages
    • python312Packages.motioneye-client
    • python313Packages.motioneye-client
    • home-assistant-component-tests.motioneye
    • python314Packages.motioneye-client
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

motionEye: World-Readable Configuration File Exposes Admin Password Hash


motioneye
  • ==< 0.44.0
NIXPKGS-2026-1984
published 12 hours ago
py7zr: Arbitrary File Write Vulnerability
CVE-2026-23879
8.0 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

py7zr: Arbitrary File Write Vulnerability


py7zr
  • ==< 1.1.3
NIXPKGS-2026-1983
published 12 hours ago
ProFTPD ACL Bypass via /proc/self/root Path Prefix in RNFR
CVE-2026-35025
8.6 HIGH
  • CVSS version (CVSS): 4.0
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Attack Requirement (AT): None (N)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Vulnerable System Impact Confidentiality (VC): High (H)
  • Vulnerable System Impact Integrity (VI): High (H)
  • Vulnerable System Impact Availability (VA): None (N)
  • Subsequent System Impact Confidentiality (SC): None (N)
  • Subsequent System Impact Integrity (SI): None (N)
  • Subsequent System Impact Availability (SA): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Attack Requirement (MAT): None (N)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Vulnerable System Impact Confidentiality (MVC): High (H)
  • Modified Vulnerable System Impact Integrity (MVI): High (H)
  • Modified Vulnerable System Impact Availability (MVA): None (N)
  • Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
  • Modified Subsequent System Impact Integrity (MSI): Negligible (N)
  • Modified Subsequent System Impact Availability (MSA): Negligible (N)
  • Safety (S): Not Defined (X)
  • Automatable (AU): Not Defined (X)
  • Recovery (R): Not Defined (X)
  • Value Density (V): Not Defined (X)
  • Vulnerability Response Effort (RE): Not Defined (X)
  • Provider Urgency (U): Not Defined (X)
  • Confidentiality Req. (CR): Not Defined (X)
  • Integrity Req. (IR): Not Defined (X)
  • Availability Req. (AR): Not Defined (X)
  • Exploit Maturity (E): Not Defined (X)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse ignored reference http://ww…
  • @LeSuisse published on GitHub

ProFTPD ACL Bypass via /proc/self/root Path Prefix in RNFR


ProFTPD
  • =<1.3.9b
  • =<1.3.10rc2
NIXPKGS-2026-1982
published 12 hours ago
rubyPackages.concurrent-ruby: security issues < 1.3.7
CVE-2026-54904
8.2 HIGH
  • CVSS version (CVSS): 4.0
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Attack Requirement (AT): Present (P)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Vulnerable System Impact Confidentiality (VC): None (N)
  • Vulnerable System Impact Integrity (VI): None (N)
  • Vulnerable System Impact Availability (VA): High (H)
  • Subsequent System Impact Confidentiality (SC): None (N)
  • Subsequent System Impact Integrity (SI): None (N)
  • Subsequent System Impact Availability (SA): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Attack Requirement (MAT): Present (P)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Vulnerable System Impact Confidentiality (MVC): None (N)
  • Modified Vulnerable System Impact Integrity (MVI): None (N)
  • Modified Vulnerable System Impact Availability (MVA): High (H)
  • Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
  • Modified Subsequent System Impact Integrity (MSI): Negligible (N)
  • Modified Subsequent System Impact Availability (MSA): Negligible (N)
  • Safety (S): Not Defined (X)
  • Automatable (AU): Not Defined (X)
  • Recovery (R): Not Defined (X)
  • Value Density (V): Not Defined (X)
  • Vulnerability Response Effort (RE): Not Defined (X)
  • Provider Urgency (U): Not Defined (X)
  • Confidentiality Req. (CR): Not Defined (X)
  • Integrity Req. (IR): Not Defined (X)
  • Availability Req. (AR): Not Defined (X)
  • Exploit Maturity (E): Not Defined (X)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

concurrent-ruby: `AtomicReference#update` livelocks when the stored value is `Float::NAN`


concurrent-ruby
  • ==< 1.3.7
CVE-2026-54906
2.1 LOW
  • CVSS version (CVSS): 4.0
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): High (H)
  • Attack Requirement (AT): None (N)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Vulnerable System Impact Confidentiality (VC): None (N)
  • Vulnerable System Impact Integrity (VI): Low (L)
  • Vulnerable System Impact Availability (VA): Low (L)
  • Subsequent System Impact Confidentiality (SC): None (N)
  • Subsequent System Impact Integrity (SI): None (N)
  • Subsequent System Impact Availability (SA): None (N)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Attack Requirement (MAT): None (N)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Vulnerable System Impact Confidentiality (MVC): None (N)
  • Modified Vulnerable System Impact Integrity (MVI): Low (L)
  • Modified Vulnerable System Impact Availability (MVA): Low (L)
  • Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
  • Modified Subsequent System Impact Integrity (MSI): Negligible (N)
  • Modified Subsequent System Impact Availability (MSA): Negligible (N)
  • Safety (S): Not Defined (X)
  • Automatable (AU): Not Defined (X)
  • Recovery (R): Not Defined (X)
  • Value Density (V): Not Defined (X)
  • Vulnerability Response Effort (RE): Not Defined (X)
  • Provider Urgency (U): Not Defined (X)
  • Confidentiality Req. (CR): Not Defined (X)
  • Integrity Req. (IR): Not Defined (X)
  • Availability Req. (AR): Not Defined (X)
  • Exploit Maturity (E): Not Defined (X)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

concurrent-ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption


concurrent-ruby
  • ==< 1.3.7
CVE-2026-54905
2.0 LOW
  • CVSS version (CVSS): 4.0
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Attack Requirement (AT): Present (P)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Vulnerable System Impact Confidentiality (VC): Low (L)
  • Vulnerable System Impact Integrity (VI): Low (L)
  • Vulnerable System Impact Availability (VA): Low (L)
  • Subsequent System Impact Confidentiality (SC): None (N)
  • Subsequent System Impact Integrity (SI): None (N)
  • Subsequent System Impact Availability (SA): None (N)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Attack Requirement (MAT): Present (P)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Vulnerable System Impact Confidentiality (MVC): Low (L)
  • Modified Vulnerable System Impact Integrity (MVI): Low (L)
  • Modified Vulnerable System Impact Availability (MVA): Low (L)
  • Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
  • Modified Subsequent System Impact Integrity (MSI): Negligible (N)
  • Modified Subsequent System Impact Availability (MSA): Negligible (N)
  • Safety (S): Not Defined (X)
  • Automatable (AU): Not Defined (X)
  • Recovery (R): Not Defined (X)
  • Value Density (V): Not Defined (X)
  • Vulnerability Response Effort (RE): Not Defined (X)
  • Provider Urgency (U): Not Defined (X)
  • Confidentiality Req. (CR): Not Defined (X)
  • Integrity Req. (IR): Not Defined (X)
  • Availability Req. (AR): Not Defined (X)
  • Exploit Maturity (E): Not Defined (X)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

concurrent-ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity


concurrent-ruby
  • ==< 1.3.7
NIXPKGS-2026-1981
published 12 hours ago
warp-terminal: security issues < 0.2026.05.13.09.15.stable_01
CVE-2026-48719
8.0 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored
    23 packages
    • warp
    • warpd
    • ts-warp
    • warpgate
    • warp-plus
    • minio-warp
    • warpinator
    • git-warp-time
    • cloudflare-warp
    • haskellPackages.warp
    • haskellPackages.warp-tls
    • gnomeExtensions.warpgnome
    • gnomeExtensions.mouse-warp
    • gnomeExtensions.warp-toggle
    • python312Packages.warp-lang
    • python313Packages.warp-lang
    • python314Packages.warp-lang
    • haskellPackages.jsaddle-warp
    • haskellPackages.warp-systemd
    • haskellPackages.core-webserver-warp
    • gnomeExtensions.cloudflare-warp-toggle
    • gnomeExtensions.cloudflare-warp-indicator
    • haskellPackages.essence-of-live-coding-warp
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Warp branch selector command injection via Git branch names


warp
  • ==>= 0.2025.08.06.08.12.stable_00, < 0.2026.05.13.09.15.stable_01
Needs a backport to 26.05
CVE-2026-48732
8.8 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored 23 packages (same list as above)
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Warp: Remote SSH cwd can lead to unauthorized remote command execution


warp
  • ==>= 0.2023.03.21.08.02.stable_00, < 0.2026.05.13.09.15.stable_01
Needs a backport to 26.05
CVE-2026-48731
7.8 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored 23 packages (same list as above)
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Warp: Linux external editor command injection


warp
  • ==>= 0.2024.02.20.08.01.stable_01, < 0.2026.05.13.09.15.stable_01
Needs a backport to 26.05
CVE-2026-54686
4.3 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): None (N)
  • Integrity (I): None (N)
  • Availability (A): Low (L)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): Low (L)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored 23 packages (same list as above)
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Warp: DCS lifecycle hook spoofing can alter terminal session metadata


warp
  • ==>= 0.2021.04.25.23.05.stable_00, < 0.2026.05.13.09.15.stable_01
Needs a backport to 26.05
CVE-2026-54699
7.7 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Changed (C)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored 23 packages (same list as above)
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Warp: OS command injection when opening terminal links from WSL


warp
  • ==>= 0.2024.03.12.08.02.stable_01, < 0.2026.05.13.09.15.stable_01
Needs a backport to 26.05
CVE-2026-48725
8.1 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): None (N)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored 23 packages (same list as above)
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Warp may allow terminal output to access the local clipboard through OSC 52


warp
  • ==>= 0.2021.04.25.23.05.stable_00, < v0.2026.05.13.09.15.stable_01
Needs a backport to 26.05
CVE-2026-48704
8.8 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored 23 packages (same list as above)
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Warp Markdown notebook links may open executable local files


warp
  • ==>= 0.2023.10.24.08.03.stable_00, < 0.2026.05.13.09.15.stable_01
Needs a backport to 26.05
CVE-2026-48703
7.8 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored 23 packages (same list as above)
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Warp: Command Injection via Warp code search tool arguments


warp
  • ==>= 0.2025.04.09.08.11.stable_00, < 0.2026.05.13.09.15.stable_01
Needs a backport to 26.05
CVE-2026-48721
8.6 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Changed (C)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored 23 packages (same list as above)
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Warp: Env-var prefixes can lead to denylisted command autoexecution


warp
  • ==>= 0.2025.10.08.08.12.stable_00, < 0.2026.05.13.09.15.stable_01
Needs a backport to 26.05
CVE-2026-48720
8.8 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored 23 packages (same list as above)
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Warp: SSH remote output can lead to local file overwrite and persistence


warp
  • ==>= 0.2025.03.05.08.02.stable_00, < 0.2026.05.13.09.15.stable_01
Needs a backport to 26.05
NIXPKGS-2026-1980
published 12 hours ago
Mistune: Potential DoS via quadratic-time parsing in parse_link_text
CVE-2026-49851
8.7 HIGH
  • CVSS version (CVSS): 4.0
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Attack Requirement (AT): None (N)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Vulnerable System Impact Confidentiality (VC): None (N)
  • Vulnerable System Impact Integrity (VI): None (N)
  • Vulnerable System Impact Availability (VA): High (H)
  • Subsequent System Impact Confidentiality (SC): None (N)
  • Subsequent System Impact Integrity (SI): None (N)
  • Subsequent System Impact Availability (SA): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Attack Requirement (MAT): None (N)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Vulnerable System Impact Confidentiality (MVC): None (N)
  • Modified Vulnerable System Impact Integrity (MVI): None (N)
  • Modified Vulnerable System Impact Availability (MVA): High (H)
  • Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
  • Modified Subsequent System Impact Integrity (MSI): Negligible (N)
  • Modified Subsequent System Impact Availability (MSA): Negligible (N)
  • Safety (S): Not Defined (X)
  • Automatable (AU): Not Defined (X)
  • Recovery (R): Not Defined (X)
  • Value Density (V): Not Defined (X)
  • Vulnerability Response Effort (RE): Not Defined (X)
  • Provider Urgency (U): Not Defined (X)
  • Confidentiality Req. (CR): Not Defined (X)
  • Integrity Req. (IR): Not Defined (X)
  • Availability Req. (AR): Not Defined (X)
  • Exploit Maturity (E): Not Defined (X)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Mistune: Potential DoS via quadratic-time parsing in parse_link_text


mistune
  • ==< 3.3.0
NIXPKGS-2026-1979
published 12 hours ago
SiYuan: security issues < 3.7.0
CVE-2026-54066
7.5 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): None (N)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): None (N)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

SiYuan: Path Traversal via Double URL Encoding in /assets/*path (publish mode arbitrary file-read)


siyuan
  • ==< 3.7.0
CVE-2026-54069
9.2 CRITICAL
  • CVSS version (CVSS): 4.0
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): High (H)
  • Attack Requirement (AT): None (N)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Vulnerable System Impact Confidentiality (VC): High (H)
  • Vulnerable System Impact Integrity (VI): High (H)
  • Vulnerable System Impact Availability (VA): High (H)
  • Subsequent System Impact Confidentiality (SC): None (N)
  • Subsequent System Impact Integrity (SI): None (N)
  • Subsequent System Impact Availability (SA): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Attack Requirement (MAT): None (N)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Vulnerable System Impact Confidentiality (MVC): High (H)
  • Modified Vulnerable System Impact Integrity (MVI): High (H)
  • Modified Vulnerable System Impact Availability (MVA): High (H)
  • Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
  • Modified Subsequent System Impact Integrity (MSI): Negligible (N)
  • Modified Subsequent System Impact Availability (MSA): Negligible (N)
  • Safety (S): Not Defined (X)
  • Automatable (AU): Not Defined (X)
  • Recovery (R): Not Defined (X)
  • Value Density (V): Not Defined (X)
  • Vulnerability Response Effort (RE): Not Defined (X)
  • Provider Urgency (U): Not Defined (X)
  • Confidentiality Req. (CR): Not Defined (X)
  • Integrity Req. (IR): Not Defined (X)
  • Availability Req. (AR): Not Defined (X)
  • Exploit Maturity (E): Not Defined (X)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

SiYuan: Unauthenticated Admin API Access via Blanket chrome-extension:// Origin Allowlist


siyuan
  • ==< 3.7.0
CVE-2026-50551
9.9 CRITICAL
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

SiYuan: Stored XSS to RCE via Unsanitized Attribute View Asset Cell Content


siyuan
  • ==< 3.7.0
CVE-2026-54158
9.9 CRITICAL
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

SiYuan: Stored XSS to RCE via attribute-view cell rendering in genAVValueHTML()


siyuan
  • ==< 3.7.0
CVE-2026-54070
7.1 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): Low (L)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): Low (L)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

SiYuan: Stored XSS in Bazaar marketplace via package README event handlers


siyuan
  • ==< 3.7.0
CVE-2026-55570
9.0 CRITICAL
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): Required (R)
  • Scope (S): Changed (C)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

SiYuan: Stored XSS results to Electron RCE in SiYuan marketplace via unescaped `data-obj` attribute (Bypass for CVE-2026-45375's patch)


siyuan
  • ==< 3.7.0
CVE-2026-54067
9.9 CRITICAL
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Changed (C)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

SiYuan: Stored XSS to RCE via CSS-snippet <style> breakout in renderSnippet()


siyuan
  • ==< 3.7.0
CVE-2026-54068
5.9 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): None (N)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): None (N)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

SiYuan: Unauthenticated SQLite Data Exfiltration via Template Injection in /api/icon/getDynamicIcon


siyuan
  • ==< 3.7.0
CVE-2026-54759
8.7 HIGH
  • CVSS version (CVSS): 4.0
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Attack Requirement (AT): None (N)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Passive (P)
  • Vulnerable System Impact Confidentiality (VC): High (H)
  • Vulnerable System Impact Integrity (VI): High (H)
  • Vulnerable System Impact Availability (VA): High (H)
  • Subsequent System Impact Confidentiality (SC): None (N)
  • Subsequent System Impact Integrity (SI): None (N)
  • Subsequent System Impact Availability (SA): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Attack Requirement (MAT): None (N)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Passive (P)
  • Modified Vulnerable System Impact Confidentiality (MVC): High (H)
  • Modified Vulnerable System Impact Integrity (MVI): High (H)
  • Modified Vulnerable System Impact Availability (MVA): High (H)
  • Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
  • Modified Subsequent System Impact Integrity (MSI): Negligible (N)
  • Modified Subsequent System Impact Availability (MSA): Negligible (N)
  • Safety (S): Not Defined (X)
  • Automatable (AU): Not Defined (X)
  • Recovery (R): Not Defined (X)
  • Value Density (V): Not Defined (X)
  • Vulnerability Response Effort (RE): Not Defined (X)
  • Provider Urgency (U): Not Defined (X)
  • Confidentiality Req. (CR): Not Defined (X)
  • Integrity Req. (IR): Not Defined (X)
  • Availability Req. (AR): Not Defined (X)
  • Exploit Maturity (E): Not Defined (X)
updated 12 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

SiYuan: Lute HTML sanitizer allows `<iframe>` tags in Bazaar package README, leading to arbitrary command execution via SiYuan Electron client


siyuan
  • ==< 3.7.0
NIXPKGS-2026-1978
published 13 hours ago
python3Packages.docling-core: security issues < 2.91.0
CVE-2026-44022
5.5 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): None (N)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): None (N)
updated 13 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored
    8 packages
    • python312Packages.docling-ibm-models
    • python313Packages.docling-ibm-models
    • python314Packages.docling-ibm-models
    • pkgsRocm.python3Packages.docling-core
    • pkgsRocm.python3Packages.docling-ibm-models
    • python312Packages.llama-index-node-parser-docling
    • python313Packages.llama-index-node-parser-docling
    • pkgsRocm.python3Packages.llama-index-node-parser-docling
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands


docling
  • ==>= 2.73.0, < 2.91.0
CVE-2026-44017
7.5 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
updated 13 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored
    8 packages
    • python312Packages.docling-ibm-models
    • python313Packages.docling-ibm-models
    • python314Packages.docling-ibm-models
    • pkgsRocm.python3Packages.docling-core
    • pkgsRocm.python3Packages.docling-ibm-models
    • python312Packages.llama-index-node-parser-docling
    • python313Packages.llama-index-node-parser-docling
    • pkgsRocm.python3Packages.llama-index-node-parser-docling
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Docling: Unsafe Zip Extraction in EasyOCR Model Download


docling
  • ==< 2.91.0
CVE-2026-44020
7.5 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): None (N)
  • Integrity (I): None (N)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): High (H)
updated 13 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored
    8 packages
    • python312Packages.docling-ibm-models
    • python313Packages.docling-ibm-models
    • python314Packages.docling-ibm-models
    • pkgsRocm.python3Packages.docling-core
    • pkgsRocm.python3Packages.docling-ibm-models
    • python312Packages.llama-index-node-parser-docling
    • python313Packages.llama-index-node-parser-docling
    • pkgsRocm.python3Packages.llama-index-node-parser-docling
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Docling: Unsafe XML Entity Expansion in USPTO Patent Backend


docling
  • ==>= 2.13.0, < 2.74.0
NIXPKGS-2026-1977
published 1 day, 9 hours ago
Grav - XML External Entity Injection via SVG Upload
CVE-2026-56701
7.1 HIGH
  • CVSS version (CVSS): 4.0
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Attack Requirement (AT): None (N)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Vulnerable System Impact Confidentiality (VC): High (H)
  • Vulnerable System Impact Integrity (VI): None (N)
  • Vulnerable System Impact Availability (VA): None (N)
  • Subsequent System Impact Confidentiality (SC): None (N)
  • Subsequent System Impact Integrity (SI): None (N)
  • Subsequent System Impact Availability (SA): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Attack Requirement (MAT): None (N)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Vulnerable System Impact Confidentiality (MVC): High (H)
  • Modified Vulnerable System Impact Integrity (MVI): None (N)
  • Modified Vulnerable System Impact Availability (MVA): None (N)
  • Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
  • Modified Subsequent System Impact Integrity (MSI): Negligible (N)
  • Modified Subsequent System Impact Availability (MSA): Negligible (N)
  • Safety (S): Not Defined (X)
  • Automatable (AU): Not Defined (X)
  • Recovery (R): Not Defined (X)
  • Value Density (V): Not Defined (X)
  • Vulnerability Response Effort (RE): Not Defined (X)
  • Provider Urgency (U): Not Defined (X)
  • Confidentiality Req. (CR): Not Defined (X)
  • Integrity Req. (IR): Not Defined (X)
  • Availability Req. (AR): Not Defined (X)
  • Exploit Maturity (E): Not Defined (X)
updated 1 day, 9 hours ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored
    21 packages
    • gravit
    • antigravity
    • antigravity-cli
    • antigravity-fhs
    • stardust-xr-gravity
    • kdePackages.libgravatar
    • gnomeExtensions.gravatar
    • haskellPackages.gravatar
    • python312Packages.libgravatar
    • python313Packages.libgravatar
    • python314Packages.libgravatar
    • python312Packages.flask-gravatar
    • python313Packages.flask-gravatar
    • python314Packages.flask-gravatar
    • python312Packages.django-gravatar2
    • python313Packages.django-gravatar2
    • python314Packages.django-gravatar2
    • perlPackages.MojoliciousPluginGravatar
    • perl5Packages.MojoliciousPluginGravatar
    • perl538Packages.MojoliciousPluginGravatar
    • perl540Packages.MojoliciousPluginGravatar
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Grav - XML External Entity Injection via SVG Upload


Grav
  • ==2.0.0-beta.2
  • <2.0.0-beta.2