Nixpkgs security tracker

Published issues

All published security issues are tracked and resolved on GitHub.

NIXPKGS-2026-0896
published 2 months, 3 weeks ago
updated 2 months, 3 weeks ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored
    5 packages
    • discourse-mail-receiver
    • python312Packages.pydiscourse
    • python313Packages.pydiscourse
    • python314Packages.pydiscourse
    • grafanaPlugins.grafana-discourse-datasource
  • @LeSuisse deleted maintainer @talyz maintainer.delete
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Discourse: Insufficient topic visibility check allows unauthorized poll manipulation in private categories

discourse
  • >= 2026.3.0-latest, < 2026.3.0
  • >= 2026.1.0-latest, < 2026.1.3
  • >= 2026.2.0-latest, < 2026.2.2
https://github.com/discourse/discourse/security/advisories/GHSA-wq58-pvf6-w4p8
NIXPKGS-2026-0895
published 2 months, 3 weeks ago
updated 2 months, 3 weeks ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored
    5 packages
    • discourse-mail-receiver
    • python312Packages.pydiscourse
    • python313Packages.pydiscourse
    • python314Packages.pydiscourse
    • grafanaPlugins.grafana-discourse-datasource
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Discourse: Admin-only report can be exported by moderators

discourse
  • >= 2026.3.0-latest, < 2026.3.0
  • >= 2026.1.0-latest, < 2026.1.3
  • >= 2026.2.0-latest, < 2026.2.2
https://github.com/discourse/discourse/security/advisories/GHSA-rhjf-mgqw-37wq
NIXPKGS-2026-0894
published 2 months, 3 weeks ago
CVE-2026-32951
4.3 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): Low (L)
  • Integrity (I): None (N)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): None (N)
updated 2 months, 3 weeks ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored
    5 packages
    • discourse-mail-receiver
    • python312Packages.pydiscourse
    • python313Packages.pydiscourse
    • python314Packages.pydiscourse
    • grafanaPlugins.grafana-discourse-datasource
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Discourse: Authorization bypass in oneboxer via user-controlled category id

discourse
  • >= 2026.3.0-latest, < 2026.3.0
  • >= 2026.1.0-latest, < 2026.1.3
  • >= 2026.2.0-latest, < 2026.2.2
https://github.com/discourse/discourse/security/advisories/GHSA-v93g-8f4f-4rgm
NIXPKGS-2026-0893
published 2 months, 3 weeks ago
updated 2 months, 3 weeks ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored
    5 packages
    • discourse-mail-receiver
    • python312Packages.pydiscourse
    • python313Packages.pydiscourse
    • python314Packages.pydiscourse
    • grafanaPlugins.grafana-discourse-datasource
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Discourse: Category group moderators can perform actions on topics in restricted categories without read access

discourse
  • >= 2026.3.0-latest, < 2026.3.0
  • >= 2026.1.0-latest, < 2026.1.3
  • >= 2026.2.0-latest, < 2026.2.2
https://github.com/discourse/discourse/security/advisories/GHSA-pr9m-5hpq-wc57
NIXPKGS-2026-0892
published 2 months, 3 weeks ago
updated 2 months, 3 weeks ago by @LeSuisse Activity log
  • Created suggestion
  • @LeSuisse ignored
    5 packages
    • discourse-mail-receiver
    • python312Packages.pydiscourse
    • python313Packages.pydiscourse
    • python314Packages.pydiscourse
    • grafanaPlugins.grafana-discourse-datasource
  • @LeSuisse accepted
  • @LeSuisse published on GitHub

Discourse: Open redirect via `sso_destination_url` cookie in `enter`

discourse
  • >= 2026.3.0-latest, < 2026.3.0
  • >= 2026.1.0-latest, < 2026.1.3
  • >= 2026.2.0-latest, < 2026.2.2
https://github.com/discourse/discourse/security/advisories/GHSA-378j-ccw4-4fwh
NIXPKGS-2026-0863
published 2 months, 3 weeks ago
CVE-2025-49010
3.8 LOW
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Physical (P)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): Low (L)
  • Integrity (I): Low (L)
  • Availability (A): Low (L)
  • Modified Attack Vector (MAV): Physical (P)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): Low (L)
  • Modified Availability (MA): Low (L)
updated 2 months, 3 weeks ago by @mweinelt Activity log
  • Created suggestion
  • @mweinelt ignored
    12 packages
    • python313Packages.tree-sitter-grammars.tree-sitter-openscad
    • python314Packages.tree-sitter-grammars.tree-sitter-openscad
    • openscad
    • openscap
    • openscreen
    • openscad-lsp
    • openscenegraph
    • openscad-unstable
    • opensc
    • tree-sitter-grammars.tree-sitter-openscad
    • vscode-extensions.antyos.openscad
    • kakounePlugins.openscad-kak
  • @mweinelt restored package opensc
  • @mweinelt accepted
  • @mweinelt published on GitHub

OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE

OpenSC
  • < 0.27.0
https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5cf-5wmx-9wh4
NIXPKGS-2026-0891
published 2 months, 3 weeks ago
updated 2 months, 3 weeks ago by @mweinelt Activity log
  • Created suggestion
  • @mweinelt accepted
  • @mweinelt published on GitHub

Incomplete privilege drop for com.system76.CosmicGreeter.GetUserData
cosmic-greeter
  • <https://github.com/pop-os/cosmic-greeter/pull/426
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2026-25704
NIXPKGS-2026-0890
published 2 months, 3 weeks ago
CVE-2026-5107
4.2 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): None (N)
  • Integrity (I): Low (L)
  • Availability (A): Low (L)
  • Exploit Code Maturity (E): Not Defined (X)
  • Remediation Level (RL): Official Fix (O)
  • Report Confidence (RC): Confirmed (C)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): Low (L)
  • Modified Availability (MA): Low (L)
updated 2 months, 3 weeks ago by @mweinelt Activity log
  • Created suggestion
  • @mweinelt ignored
    2 packages
    • prometheus-frr-exporter
    • tests.prefer-remote-fetch.fetchgit
  • @mweinelt accepted
  • @mweinelt published on GitHub

FRRouting FRR EVPN Type-2 Route bgp_evpn.c process_type2_route access control
FRR
  • ==10.5.1
  • ==10.5.0
https://github.com/FRRouting/frr/commit/7676cad65114aa23adde583d91d9d29e2debd045
NIXPKGS-2026-0889
published 2 months, 3 weeks ago
updated 2 months, 3 weeks ago by @mweinelt Activity log
  • Created suggestion
  • @mweinelt ignored
    3 packages
    • python312Packages.gotenberg-client
    • python313Packages.gotenberg-client
    • python314Packages.gotenberg-client
  • @mweinelt accepted
  • @mweinelt published on GitHub

Gotenberg: Chromium deny-list bypass via case-insensitive URL scheme

gotenberg
  • < 8.29.0
https://github.com/gotenberg/gotenberg/security/advisories/GHSA-jjwv-57xh-xr6r
NIXPKGS-2026-0888
published 2 months, 3 weeks ago
updated 2 months, 3 weeks ago by @mweinelt Activity log
  • Created suggestion
  • @mweinelt ignored
    28 packages
    • libarchive-qt
    • haskellPackages.libarchive
    • kodiPackages.vfs-libarchive
    • perlPackages.ArchiveLibarchive
    • python312Packages.libarchive-c
    • python313Packages.libarchive-c
    • python314Packages.libarchive-c
    • haskellPackages.libarchive-clib
    • perl5Packages.ArchiveLibarchive
    • perl538Packages.ArchiveLibarchive
    • perl540Packages.ArchiveLibarchive
    • haskellPackages.archive-libarchive
    • haskellPackages.libarchive-conduit
    • perlPackages.ArchiveLibarchivePeek
    • perlPackages.TestArchiveLibarchive
    • perl5Packages.ArchiveLibarchivePeek
    • perl5Packages.TestArchiveLibarchive
    • perl538Packages.ArchiveLibarchivePeek
    • perl538Packages.TestArchiveLibarchive
    • perl540Packages.ArchiveLibarchivePeek
    • perl540Packages.TestArchiveLibarchive
    • perlPackages.ArchiveLibarchiveExtract
    • perl5Packages.ArchiveLibarchiveExtract
    • perl538Packages.ArchiveLibarchiveExtract
    • perl540Packages.ArchiveLibarchiveExtract
    • python312Packages.extractcode-libarchive
    • python313Packages.extractcode-libarchive
    • python314Packages.extractcode-libarchive
  • @mweinelt accepted
  • @mweinelt published on GitHub

Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing
rhcos
libarchive
https://github.com/libarchive/libarchive/pull/2934