NIXPKGS-2026-0070 published on 21 Jan 2026 CVE-2026-0622 updated 1 day, 11 hours ago by @LeSuisse Activity log Created automatic suggestion 1 day, 16 hours ago @LeSuisse removed package open5gs-webui 1 day, 12 hours ago @LeSuisse accepted as draft 1 day, 12 hours ago @LeSuisse published on GitHub 1 day, 11 hours ago Open 5GS WebUI uses a hard-coded JWT signing key Open 5GS WebUI uses a hard-coded JWT signing key (change-me) whenever the environment variable JWT_SECRET_KEY is unset Affected products open5GS =<2.7.6 Matching in nixpkgs pkgs.open5gs 4G/5G core network components nixos-unstable 2.7.6 nixpkgs-unstable 2.7.6 nixos-unstable-small 2.7.6 nixos-25.05 2.7.2 nixos-25.05-small 2.7.2 nixpkgs-25.05-darwin 2.7.2 Package maintainers: 2 @Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com> @xddxdd Yuhui Xu <b980120@hotmail.com> GitHub issue
CVE-2026-0622 updated 1 day, 11 hours ago by @LeSuisse Activity log Created automatic suggestion 1 day, 16 hours ago @LeSuisse removed package open5gs-webui 1 day, 12 hours ago @LeSuisse accepted as draft 1 day, 12 hours ago @LeSuisse published on GitHub 1 day, 11 hours ago Open 5GS WebUI uses a hard-coded JWT signing key Open 5GS WebUI uses a hard-coded JWT signing key (change-me) whenever the environment variable JWT_SECRET_KEY is unset Affected products open5GS =<2.7.6 Matching in nixpkgs pkgs.open5gs 4G/5G core network components nixos-unstable 2.7.6 nixpkgs-unstable 2.7.6 nixos-unstable-small 2.7.6 nixos-25.05 2.7.2 nixos-25.05-small 2.7.2 nixpkgs-25.05-darwin 2.7.2 Package maintainers: 2 @Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com> @xddxdd Yuhui Xu <b980120@hotmail.com>
pkgs.open5gs 4G/5G core network components nixos-unstable 2.7.6 nixpkgs-unstable 2.7.6 nixos-unstable-small 2.7.6 nixos-25.05 2.7.2 nixos-25.05-small 2.7.2 nixpkgs-25.05-darwin 2.7.2