Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Dismissed
Permalink CVE-2026-25906
7.3 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 2 weeks, 5 days ago by @LeSuisse Activity log
  • Created automatic suggestion 2 weeks, 5 days ago
  • @LeSuisse removed
    9 packages
    • pngoptimizer
    • meshoptimizer
    • openorbitaloptimizer
    • haskellPackages.amazonka-compute-optimizer
    • python312Packages.mypy-boto3-compute-optimizer
    • python313Packages.mypy-boto3-compute-optimizer
    • python314Packages.mypy-boto3-compute-optimizer
    • python312Packages.types-aiobotocore-compute-optimizer
    • python313Packages.types-aiobotocore-compute-optimizer
    2 weeks, 5 days ago
  • @LeSuisse dismissed 2 weeks, 5 days ago
Dell Optimizer, versions prior to 6.3.1, contain an Improper Link …

Dell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

References

Affected products

Optimizer
  • <6.3.1.0
Ignored packages (9) 
Not present in nixpkgs