NIXPKGS-2026-1226

GitHub issue published 2 months ago

          Permalink
          
            CVE-2026-6862
          
        5.5 MEDIUM
      
        CVSS version (CVSS): 3.1
      
          Attack Vector (AV): Local (L)
        
          Attack Complexity (AC): Low (L)
        
          Privileges Required (PR): None (N)
        
          User Interaction (UI): Required (R)
        
          Scope (S): Unchanged (U)
        
          Confidentiality (C): None (N)
        
          Integrity (I): None (N)
        
          Availability (A): High (H)
        
          Modified Attack Vector (MAV): Local (L)
        
          Modified Attack Complexity (MAC): Low (L)
        
          Modified Privileges Required (MPR): None (N)
        
          Modified User Interaction (MUI): Required (R)
        
          Modified Confidentiality (MC): None (N)
        
          Modified Scope (MS): Unchanged (U)
        
          Modified Integrity (MI): None (N)
        
          Modified Availability (MA): High (H)
        
              updated
            
          2 months ago
          by @LeSuisse
        
      Activity log
    
              Created suggestion
            
          2 months ago
          
          @LeSuisse
          
              accepted
            
          2 months ago
          
          @LeSuisse
          
              published on GitHub
            
          2 months ago
          
            Efivar: efivar: denial of service due to stack overflow in device path node parsing
          
      https://access.redhat.com/security/cve/CVE-2026-6862
    
    x_refsource_REDHATvdb-entry
  
      RHBZ#2459982
    
    issue-trackingx_refsource_REDHAT
  
    rhcos

    efivar

NIXPKGS-2026-1225

GitHub issue published 2 months ago

          Permalink
          
            CVE-2026-41651
          
        8.8 HIGH
      
        CVSS version (CVSS): 3.1
      
          Attack Vector (AV): Local (L)
        
          Attack Complexity (AC): Low (L)
        
          Privileges Required (PR): Low (L)
        
          User Interaction (UI): None (N)
        
          Scope (S): Changed (C)
        
          Confidentiality (C): High (H)
        
          Integrity (I): High (H)
        
          Availability (A): High (H)
        
          Modified Attack Vector (MAV): Local (L)
        
          Modified Attack Complexity (MAC): Low (L)
        
          Modified Privileges Required (MPR): Low (L)
        
          Modified User Interaction (MUI): None (N)
        
          Modified Confidentiality (MC): High (H)
        
          Modified Scope (MS): Changed (C)
        
          Modified Integrity (MI): High (H)
        
          Modified Availability (MA): High (H)
        
              updated
            
          2 months ago
          by @LeSuisse
        
      Activity log
    
              Created suggestion
            
          2 months ago
          
          @LeSuisse
          
              ignored
            
                3 packages
                gnome-packagekit
kdePackages.packagekit-qt
qt6Packages.packagekit-qt

          2 months ago
          
          @LeSuisse
          
              accepted
            
          2 months ago
          
          @LeSuisse
          
              published on GitHub
            
          2 months ago
          
            PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root
          
      https://github.com/PackageKit/PackageKit/security/advisories/GHSA-f55j-vvr9-69xv
    
    x_refsource_CONFIRM
  
      https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html
    
    exploitx_refsource_MISC
  
      http://www.openwall.com/lists/oss-security/2026/04/22/6
    
          Ignored references (3)
        
      https://github.com/PackageKit/PackageKit/blob/04057883189efa225a7c785591aa87cb299782f8/src/pk-transaction.c#L2273-L2277
    
    x_refsource_MISC
  
      https://github.com/PackageKit/PackageKit/blob/04057883189efa225a7c785591aa87cb299782f8/src/pk-transaction.c#L4036
    
    x_refsource_MISC
  
      https://github.com/PackageKit/PackageKit/blob/04057883189efa225a7c785591aa87cb299782f8/src/pk-transaction.c#L873-L882
    
    x_refsource_MISC
  
    PackageKit

            ==>= 1.0.2, <= 1.3.4

NIXPKGS-2026-1224

GitHub issue published 2 months ago

          Permalink
          
            CVE-2026-41145
          
              updated
            
          2 months ago
          by @LeSuisse
        
      Activity log
    
              Created suggestion
            
          2 months ago
          
          @LeSuisse
          
              ignored
            
                37 packages
                minion
kminion
minio-cpp
minio-warp
minio-client
minio-certgen
minio_legacy_fs
perlPackages.Minion
perl5Packages.Minion
haskellPackages.minion
perl538Packages.Minion
perl540Packages.Minion
python312Packages.minio
python313Packages.minio
python314Packages.minio
haskellPackages.minio-hs
terraform-providers.minio
haskellPackages.minion-jwt
haskellPackages.minion-htmx
haskellPackages.minion-conduit
haskellPackages.minion-openapi3
perlPackages.MinionBackendRedis
perlPackages.MinionBackendmysql
haskellPackages.minion-wai-extra
perl5Packages.MinionBackendRedis
perl5Packages.MinionBackendmysql
perlPackages.MinionBackendSQLite
perl5Packages.MinionBackendSQLite
perl538Packages.MinionBackendRedis
perl538Packages.MinionBackendmysql
perl540Packages.MinionBackendRedis
perl540Packages.MinionBackendmysql
terraform-providers.aminueza_minio
perl538Packages.MinionBackendSQLite
perl540Packages.MinionBackendSQLite
home-assistant-component-tests.minio
tests.home-assistant-components.minio

          2 months ago
          
          @LeSuisse
          
              ignored
            
                2 maintainers
                @bachp
@ryan4yin

          2 months ago
          
              maintainer.ignore
            
          @LeSuisse
          
              accepted
            
          2 months ago
          
          @LeSuisse
          
              published on GitHub
            
          2 months ago
          
            MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads
          
      https://github.com/minio/minio/security/advisories/GHSA-hv4r-mvr4-25vw
    
    x_refsource_CONFIRM
  
          Ignored references (2)
        
      https://github.com/minio/minio/pull/16484
    
    x_refsource_MISC
  
      https://github.com/minio/minio/commit/76913a9fd5c6e5c2dbd4e8c7faf56ed9e9e24091
    
    x_refsource_MISC
  
    minio

            ==>= RELEASE.2023-05-18T00-05-36Z, < RELEASE.2026-04-11T03-20-12Z

NIXPKGS-2026-1223

GitHub issue published 2 months ago

          Permalink
          
            CVE-2026-40344
          
              updated
            
          2 months ago
          by @LeSuisse
        
      Activity log
    
              Created suggestion
            
          2 months ago
          
          @LeSuisse
          
              ignored
            
                37 packages
                minion
kminion
minio-cpp
minio-warp
minio-client
minio-certgen
minio_legacy_fs
perlPackages.Minion
perl5Packages.Minion
haskellPackages.minion
perl538Packages.Minion
perl540Packages.Minion
python312Packages.minio
python313Packages.minio
python314Packages.minio
haskellPackages.minio-hs
terraform-providers.minio
haskellPackages.minion-jwt
haskellPackages.minion-htmx
haskellPackages.minion-conduit
haskellPackages.minion-openapi3
perlPackages.MinionBackendRedis
perlPackages.MinionBackendmysql
haskellPackages.minion-wai-extra
perl5Packages.MinionBackendRedis
perl5Packages.MinionBackendmysql
perlPackages.MinionBackendSQLite
perl5Packages.MinionBackendSQLite
perl538Packages.MinionBackendRedis
perl538Packages.MinionBackendmysql
perl540Packages.MinionBackendRedis
perl540Packages.MinionBackendmysql
terraform-providers.aminueza_minio
perl538Packages.MinionBackendSQLite
perl540Packages.MinionBackendSQLite
home-assistant-component-tests.minio
tests.home-assistant-components.minio

          2 months ago
          
          @LeSuisse
          
              ignored
            
                2 maintainers
                @bachp
@ryan4yin

          2 months ago
          
              maintainer.ignore
            
          @LeSuisse
          
              accepted
            
          2 months ago
          
          @LeSuisse
          
              published on GitHub
            
          2 months ago
          
            MinIO has an Unauthenticated Object Write via Missing Signature Verification in Unsigned-Trailer Uploads
          
      https://github.com/minio/minio/security/advisories/GHSA-9c4q-hq6p-c237
    
    x_refsource_CONFIRM
  
          Ignored references (2)
        
      https://github.com/minio/minio/pull/16484
    
    x_refsource_MISC
  
      https://github.com/minio/minio/commit/76913a9fd5c6e5c2dbd4e8c7faf56ed9e9e24091
    
    x_refsource_MISC
  
    minio

            ==>= RELEASE.2023-05-18T00-05-36Z, < RELEASE.2026-04-11T03-20-12Z

NIXPKGS-2026-1222

GitHub issue published 2 months ago

Permalink CVE-2026-34839

updated 2 months ago by @LeSuisse Activity log

Created suggestion 2 months ago
@LeSuisse ignored
5 packages
- python312Packages.glances-api
- python313Packages.glances-api
- python314Packages.glances-api
- home-assistant-component-tests.glances
- tests.home-assistant-components.glances
2 months ago
@LeSuisse accepted 2 months ago
@LeSuisse published on GitHub 2 months ago

Glances Vulnerable to Cross-Origin Information Disclosure via Unauthenticated REST API (/api/4) due to Permissive CORS

https://github.com/nicolargo/glances/security/advisories/GHSA-gfc2-9qmw-w7vh x_refsource_CONFIRM
https://github.com/nicolargo/glances/commit/fdfb977b1d91b5e410bc06c4e19f8bedb0005ce9 x_refsource_MISC

glances

==< 4.5.4

NIXPKGS-2026-1220

GitHub issue published 2 months ago

Permalink CVE-2026-39946

updated 2 months ago by @LeSuisse Activity log

Created suggestion 2 months ago
@LeSuisse accepted 2 months ago
@LeSuisse published on GitHub 2 months ago

OpenBao allows SQL Injection in PostgreSQL database secrets engine

https://github.com/openbao/openbao/security/advisories/GHSA-6vgr-cp5c-ffx3 x_refsource_CONFIRM

openbao

==< 2.5.3

NIXPKGS-2026-1221

GitHub issue published 2 months ago

Permalink CVE-2026-39396

3.1 LOW

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): High (H)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): Low (L)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): Low (L)

updated 2 months ago by @LeSuisse Activity log

Created suggestion 2 months ago
@LeSuisse accepted 2 months ago
@LeSuisse published on GitHub 2 months ago

OpenBao has Decompression Bomb via Unbounded Copy in OCI Plugin Extraction (DoS)

https://github.com/openbao/openbao/security/advisories/GHSA-r65v-xgwc-g56j x_refsource_CONFIRMexploit

openbao

==< 2.5.3

NIXPKGS-2026-1219

GitHub issue published 2 months ago

Permalink CVE-2026-40884

9.8 CRITICAL

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

updated 2 months ago by @LeSuisse Activity log

Created suggestion 2 months ago
@LeSuisse accepted 2 months ago
@LeSuisse published on GitHub 2 months ago

goshs: Empty-username SFTP password authentication bypass in goshs

https://github.com/patrickhener/goshs/security/advisories/GHSA-c29w-qq4m-2gcv x_refsource_CONFIRM

goshs

==< 2.0.0-beta.6

NIXPKGS-2026-1218

GitHub issue published 2 months ago

Permalink CVE-2026-39377

6.5 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): High (H)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): None (N)

updated 2 months ago by @LeSuisse Activity log

Created suggestion 2 months ago
@LeSuisse accepted 2 months ago
@LeSuisse published on GitHub 2 months ago

nbconvert has an Arbitrary File Write via Path Traversal in Cell Attachment Filenames

https://github.com/jupyter/nbconvert/security/advisories/GHSA-4c99-qj7h-p3vg x_refsource_CONFIRM

Ignored references (1)

https://github.com/jupyter/nbconvert/releases/tag/v7.17.1 x_refsource_MISC

nbconvert

==>= 6.5, < 7.17.1

NIXPKGS-2026-1217

GitHub issue published 2 months ago

          Permalink
          
            CVE-2026-40250
          
              updated
            
          2 months ago
          by @LeSuisse
        
      Activity log
    
              Created suggestion
            
          2 months ago
          
          @LeSuisse
          
              ignored
            
                3 packages
                openexrid-unstable
haskellPackages.openexr-write
openexr_2

          2 months ago
          
          @LeSuisse
          
              accepted
            
          2 months ago
          
          @LeSuisse
          
              published on GitHub
            
          2 months ago
          
            OpenEXR has integer overflow in DWA decoder outBufferEnd pointer arithmetic (missed variant of CVE-2026-34589)
          
      https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-m5qw-23x2-6phj
    
    x_refsource_CONFIRM
  
      https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v3.2.8
    
    x_refsource_MISC
  
      https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v3.3.10
    
    x_refsource_MISC
  
      https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v3.4.10
    
    x_refsource_MISC
  
    openexr

            ==>= 3.3.0, < 3.3.10
          
            ==>= 3.4.0, < 3.4.10
          
            ==>= 3.2.0, < 3.2.8

Nixpkgs security tracker

Published issues

Efivar: efivar: denial of service due to stack overflow in device path node parsing

PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root

MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads

MinIO has an Unauthenticated Object Write via Missing Signature Verification in Unsigned-Trailer Uploads

Glances Vulnerable to Cross-Origin Information Disclosure via Unauthenticated REST API (/api/4) due to Permissive CORS

OpenBao allows SQL Injection in PostgreSQL database secrets engine

OpenBao has Decompression Bomb via Unbounded Copy in OCI Plugin Extraction (DoS)

goshs: Empty-username SFTP password authentication bypass in goshs

nbconvert has an Arbitrary File Write via Path Traversal in Cell Attachment Filenames

OpenEXR has integer overflow in DWA decoder outBufferEnd pointer arithmetic (missed variant of CVE-2026-34589)