Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Dismissed
Permalink CVE-2026-28020
updated 2 weeks, 1 day ago by @mweinelt Activity log
  • Created automatic suggestion 2 weeks, 3 days ago
  • @mweinelt removed
    16 packages
    • chroma
    • chromaprint
    • polychromatic
    • gnomeExtensions.achroma
    • python312Packages.chromadb
    • python313Packages.chromadb
    • python312Packages.chroma-hnswlib
    • python313Packages.chroma-hnswlib
    • python314Packages.chroma-hnswlib
    • pkgsRocm.python3Packages.chromadb
    • python312Packages.langchain-chroma
    • python313Packages.langchain-chroma
    • pkgsRocm.python3Packages.langchain-chroma
    • python312Packages.llama-index-vector-stores-chroma
    • python313Packages.llama-index-vector-stores-chroma
    • pkgsRocm.python3Packages.llama-index-vector-stores-chroma
    2 weeks, 1 day ago
  • @mweinelt dismissed 2 weeks, 1 day ago
WordPress Chroma theme <= 1.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Chroma chroma allows PHP Local File Inclusion.This issue affects Chroma: from n/a through <= 1.11.

References

Affected products

chroma
  • =<<= 1.11
Ignored packages (16)

pkgs.gnomeExtensions.achroma

Toggle your display to monochrome/grayscale mode with a single click. Useful for reducing eye strain, improving focus, or accessibility.

  • nixos-unstable -
    • nixpkgs-unstable 5
    • nixos-unstable-small 5 
Not in nixpkgs