Nixpkgs security tracker

Login with GitHub

Details of issue NIXPKGS-2026-1379

NIXPKGS-2026-1379
published 1 month, 3 weeks ago
Permalink CVE-2026-43859
3.7 LOW
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): None (N)
  • Integrity (I): Low (L)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): Low (L)
  • Modified Availability (MA): None (N)
updated 1 month, 3 weeks ago by @LeSuisse Activity log
  • Created suggestion 1 month, 3 weeks ago
  • @LeSuisse ignored
    12 packages
    • mutter
    • neomutt
    • mutt-ics
    • mutter46
    • mutter48
    • mutt-wizard
    • fontmuttmisc
    • notmuch-mutt
    • font-mutt-misc
    • pantheon.mutter
    • xorg.fontmuttmisc
    • vimPlugins.nvim-treesitter-parsers.muttrc
    1 month, 3 weeks ago
  • @LeSuisse accepted 1 month, 3 weeks ago
  • @LeSuisse published on GitHub 1 month, 3 weeks ago
mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for …

mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP auth_cram MD5 digest.

Affected products

mutt
  • <2.3.2

Matching in nixpkgs

pkgs.mutt

Small but very powerful text-based mail client

Ignored packages (12)

pkgs.mutter

Window manager for GNOME

  • nixos-unstable 49.4
    • nixpkgs-unstable 49.4
    • nixos-unstable-small 49.4

pkgs.mutt-ics

Tool to show calendar event details in Mutt

pkgs.mutter48

Window manager for GNOME

  • nixos-unstable 48.7
    • nixpkgs-unstable 48.7
    • nixos-unstable-small 48.7

pkgs.mutt-wizard

System for automatically configuring mutt and isync

Package maintainers