NIXPKGS-2026-0499

GitHub issue published on

Permalink CVE-2026-21853

8.8 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

updated 2 months ago by @LeSuisse Activity log

Created suggestion 2 months ago
@LeSuisse ignored
10 packages
- python312Packages.affine
- python313Packages.affine
- python314Packages.affine
- python312Packages.affinegap
- python313Packages.affinegap
- python314Packages.affinegap
- python312Packages.affine-gaps
- python313Packages.affine-gaps
- haskellPackages.affinely-extended
- haskellPackages.simple-affine-space
2 months ago
@LeSuisse accepted 2 months ago
@LeSuisse published on GitHub 2 months ago

AFFiNE: One-click Remote Code Execution through Custom URL Handling

AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedding a specially crafted affine: URL on a website. An attacker can trigger the vulnerability in two common scenarios: 1/ A victim visits a malicious website controlled by the attacker and the website redirect to the URL automatically, or 2/ A victim clicks on a crafted link embedded on a legitimate website (e.g., in user-generated content). In both cases, the browser invokes AFFiNE custom URL handler, which launches the AFFiNE app and processes the crafted URL. This results in arbitrary code execution on the victim’s machine, without further interaction. This issue has been patched in version 0.25.4.

References

https://github.com/toeverything/AFFiNE/security/advisories/GHSA-67vm-2mcj-8965 x_refsource_CONFIRM
https://github.com/toeverything/AFFiNE/pull/13864 x_refsource_MISC
https://github.com/toeverything/AFFiNE/commit/c9a4129a3e9376b688c18e1dcd6c87a775caac80 x_refsource_MISC

Affected products

AFFiNE

==< 0.25.4

Matching in nixpkgs

pkgs.affine

Workspace with fully merged docs, whiteboards and databases

nixos-unstable 0.26.2
- nixpkgs-unstable 0.26.2
- nixos-unstable-small 0.26.2
nixos-25.11 0.25.5
- nixos-25.11-small 0.25.5
- nixpkgs-25.11-darwin 0.25.5

pkgs.affine-bin

Workspace with fully merged docs, whiteboards and databases

nixos-unstable 0.18.1
- nixpkgs-unstable 0.18.1
- nixos-unstable-small 0.18.1
nixos-25.11 0.18.1
- nixos-25.11-small 0.18.1
- nixpkgs-25.11-darwin 0.18.1

Ignored packages (10)

pkgs.python312Packages.affine

Matrices describing affine transformation of the plane

nixos-25.11 2.4.0
- nixos-25.11-small 2.4.0
- nixpkgs-25.11-darwin 2.4.0

pkgs.python313Packages.affine

Matrices describing affine transformation of the plane

nixos-unstable 2.4.0
- nixpkgs-unstable 2.4.0
- nixos-unstable-small 2.4.0
nixos-25.11 2.4.0
- nixos-25.11-small 2.4.0
- nixpkgs-25.11-darwin 2.4.0

pkgs.python314Packages.affine

Matrices describing affine transformation of the plane

nixos-unstable 2.4.0
- nixpkgs-unstable 2.4.0
- nixos-unstable-small 2.4.0

pkgs.python312Packages.affinegap

Cython implementation of the affine gap string distance

nixos-25.11 1.12
- nixos-25.11-small 1.12
- nixpkgs-25.11-darwin 1.12

pkgs.python313Packages.affinegap

Cython implementation of the affine gap string distance

nixos-unstable 2
- nixpkgs-unstable 2
- nixos-unstable-small 2
nixos-25.11 1.12
- nixos-25.11-small 1.12
- nixpkgs-25.11-darwin 1.12

pkgs.python314Packages.affinegap

Cython implementation of the affine gap string distance

nixos-unstable 2
- nixpkgs-unstable 2
- nixos-unstable-small 2

pkgs.python312Packages.affine-gaps

None

nixos-25.11 0.2.4
- nixos-25.11-small 0.2.4
- nixpkgs-25.11-darwin 0.2.4

pkgs.python313Packages.affine-gaps

None

nixos-25.11 0.2.4
- nixos-25.11-small 0.2.4
- nixpkgs-25.11-darwin 0.2.4

pkgs.haskellPackages.affinely-extended

None

nixos-unstable 0.1.0.0
- nixpkgs-unstable 0.1.0.0
- nixos-unstable-small 0.1.0.0
nixos-25.11 0.1.0.0
- nixos-25.11-small 0.1.0.0
- nixpkgs-25.11-darwin 0.1.0.0

pkgs.haskellPackages.simple-affine-space

A simple library for affine and vector spaces

nixos-unstable 0.2.1
- nixpkgs-unstable 0.2.1
- nixos-unstable-small 0.2.1
nixos-25.11 0.2.1
- nixos-25.11-small 0.2.1
- nixpkgs-25.11-darwin 0.2.1

Package maintainers

@xiaoxiangmoe ZHAO JinXiang <xiaoxiangmoe@gmail.com>
@redyf Mateus Alves <mateusalvespereira7@gmail.com>
@ri-char richar

Upstream advisory: https://github.com/toeverything/AFFiNE/security/advisories/GHSA-67vm-2mcj-8965

Nixpkgs security tracker

Details of issue NIXPKGS-2026-0499

References

Affected products

Matching in nixpkgs

pkgs.affine

pkgs.affine-bin

pkgs.python312Packages.affine

pkgs.python313Packages.affine

pkgs.python314Packages.affine

pkgs.python312Packages.affinegap

pkgs.python313Packages.affinegap

pkgs.python314Packages.affinegap

pkgs.python312Packages.affine-gaps

pkgs.python313Packages.affine-gaps

pkgs.haskellPackages.affinely-extended

pkgs.haskellPackages.simple-affine-space

Package maintainers