Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged
(browse all)
Permalink CVE-2025-41065
created 21 hours ago
Stored Cross-Site Scripting (XSS) in LUNA from Luna Imaging

Stored Cross-Site Scripting (XSS) vulnerability type in LUNA software v7.5.5.6. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by inyecting a malicious payload through the 'Edit Batch Name' function. THe payload is stored by the application and subsequently displayed without proper sanitization when other users access it. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.

Affected products

LUNA
  • ==7.5.5.6

Matching in nixpkgs

pkgs.lunar

Defacto app for controlling monitors

pkgs.lunacy

Free design software that keeps your flow with AI tools and built-in graphics

pkgs.lunatask

All-in-one encrypted todo list, notebook, habit and mood tracker, pomodoro timer, and journaling app

pkgs.python312Packages.luna-soc

Amaranth HDL library for building USB-capable SoC designs

pkgs.python312Packages.luna-usb

Amaranth HDL framework for monitoring, hacking, and developing USB devices

pkgs.python313Packages.luna-soc

Amaranth HDL library for building USB-capable SoC designs

pkgs.python313Packages.luna-usb

Amaranth HDL framework for monitoring, hacking, and developing USB devices

pkgs.python314Packages.luna-soc

Amaranth HDL library for building USB-capable SoC designs

pkgs.python314Packages.luna-usb

Amaranth HDL framework for monitoring, hacking, and developing USB devices

pkgs.gnomeExtensions.lunar-calendar

Display Chinese Lunar Calendar in panel

  • nixos-unstable 54
    • nixpkgs-unstable 54
    • nixos-unstable-small 54
  • nixos-25.11 -
    • nixos-25.11-small 54
    • nixpkgs-25.11-darwin 54
  • nixos-25.05 52
    • nixos-25.05-small 52
    • nixpkgs-25.05-darwin 52

pkgs.python312Packages.lunarcalendar

Lunar-Solar Converter, containing a number of lunar and solar festivals in China

pkgs.python313Packages.lunarcalendar

Lunar-Solar Converter, containing a number of lunar and solar festivals in China

pkgs.python314Packages.lunarcalendar

Lunar-Solar Converter, containing a number of lunar and solar festivals in China

pkgs.home-assistant-component-tests.lunatone

Open source home automation that puts local control and privacy first

pkgs.python312Packages.korean-lunar-calendar

Library to convert Korean lunar-calendar to Gregorian calendar

pkgs.python313Packages.korean-lunar-calendar

Library to convert Korean lunar-calendar to Gregorian calendar

pkgs.python314Packages.korean-lunar-calendar

Library to convert Korean lunar-calendar to Gregorian calendar

pkgs.gnomeExtensions.luna-moon-phase-indicator

Luna is a simple GNOME Shell extension that displays the current moon phase directly in your top bar. With beautiful custom icons and real-time updates, Luna helps you stay attuned to lunar cycles throughout your day.

  • nixos-unstable 4
    • nixpkgs-unstable 4
    • nixos-unstable-small 4
  • nixos-25.11 -
    • nixos-25.11-small 4
    • nixpkgs-25.11-darwin 4
  • nixos-25.05 4
    • nixos-25.05-small 4
    • nixpkgs-25.05-darwin 4

pkgs.python312Packages.lunatone-rest-api-client

Client library for accessing the Lunatone REST API

pkgs.python313Packages.lunatone-rest-api-client

Client library for accessing the Lunatone REST API

pkgs.python314Packages.lunatone-rest-api-client

Client library for accessing the Lunatone REST API

pkgs.tests.home-assistant-component-tests.lunatone

Open source home automation that puts local control and privacy first