Nixpkgs Security Tracker

Login with GitHub

Details of issue NIXPKGS-2026-0082

NIXPKGS-2026-0082

GitHub issue published on 23 Jan 2026

Permalink CVE-2026-24061

updated 4 weeks, 1 day ago by @LeSuisse Activity log

Created automatic suggestion 1 month ago
@LeSuisse accepted 4 weeks, 1 day ago
@LeSuisse published on GitHub 4 weeks, 1 day ago

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass …

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.

Affected products

Inetutils

=<2.7

Matching in nixpkgs

pkgs.inetutils

Collection of common network programs

nixos-unstable 2.6
- nixpkgs-unstable 2.6
- nixos-unstable-small 2.6

Package maintainers

@matthewbauer Matthew Bauer <mjbauer95@gmail.com>

Upstream advisory: https://lists.gnu.org/archive/html/bug-inetutils/2026-01/msg00004.html