Nixpkgs security tracker

Untriaged

Permalink CVE-2026-6921

8.3 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 1 week, 5 days ago Activity log

Created suggestion 1 week, 5 days ago

Race in GPU in Google Chrome on Windows prior to …

Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)

References

Affected products

Chrome

<147.0.7727.117

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 147.0.7727.101
- nixpkgs-unstable 147.0.7727.101
- nixos-unstable-small 147.0.7727.101
nixos-25.11 147.0.7727.101
- nixos-25.11-small 147.0.7727.101
- nixpkgs-25.11-darwin 147.0.7727.101

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21
nixos-25.11 2022-10-31
- nixos-25.11-small 2022-10-31
- nixpkgs-25.11-darwin 2022-10-31

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2
nixos-25.11 2.0.2
- nixos-25.11-small 2.0.2
- nixpkgs-25.11-darwin 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4
nixos-25.11 0.3.4
- nixos-25.11-small 0.3.4
- nixpkgs-25.11-darwin 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 147.0.7727.101
- nixpkgs-unstable 147.0.7727.101
- nixos-unstable-small 147.0.7727.101
nixos-25.11 147.0.7727.101
- nixos-25.11-small 147.0.7727.101
- nixpkgs-25.11-darwin 147.0.7727.101

pkgs.xf86videoopenchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5
nixos-25.11 1.1.5
- nixos-25.11-small 1.1.5
- nixpkgs-25.11-darwin 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24
nixos-25.11 2.0-unstable-2021-06-24
- nixos-25.11-small 2.0-unstable-2021-06-24
- nixpkgs-25.11-darwin 2.0-unstable-2021-06-24

pkgs.electron-chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 41.2.0
- nixpkgs-unstable 41.2.0
- nixos-unstable-small 41.2.0
nixos-25.11 41.2.0
- nixos-25.11-small 41.2.0
- nixpkgs-25.11-darwin 41.2.0

pkgs.xf86-video-openchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225
nixos-25.11 0.6.0
- nixos-25.11-small 0.6.0
- nixpkgs-25.11-darwin 0.6.0

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 147.0.7727.101
- nixpkgs-unstable 147.0.7727.101
- nixos-unstable-small 147.0.7727.101
nixos-25.11 147.0.7727.101
- nixos-25.11-small 147.0.7727.101
- nixpkgs-25.11-darwin 147.0.7727.101

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-25.11 37.10.3
- nixos-25.11-small 37.10.3
- nixpkgs-25.11-darwin 37.10.3

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.4
- nixpkgs-unstable 38.8.4
- nixos-unstable-small 38.8.4
nixos-25.11 38.8.4
- nixos-25.11-small 38.8.4
- nixpkgs-25.11-darwin 38.8.4

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.8.7
- nixpkgs-unstable 39.8.7
- nixos-unstable-small 39.8.7
nixos-25.11 39.8.7
- nixos-25.11-small 39.8.7
- nixpkgs-25.11-darwin 39.8.7

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable 40.8.5
- nixpkgs-unstable 40.8.5
- nixos-unstable-small 40.8.5
nixos-25.11 40.8.5
- nixos-25.11-small 40.8.5
- nixpkgs-25.11-darwin 40.8.5

pkgs.electron-chromedriver_41

WebDriver server for running Selenium tests on Chrome

nixos-unstable 41.2.0
- nixpkgs-unstable 41.2.0
- nixos-unstable-small 41.2.0
nixos-25.11 41.2.0
- nixos-25.11-small 41.2.0
- nixpkgs-25.11-darwin 41.2.0

pkgs.xorg.xf86videoopenchrome

None

nixos-25.11 0.6.0
- nixos-25.11-small 0.6.0
- nixpkgs-25.11-darwin 0.6.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.21.1
- nixpkgs-unstable 3.21.1
- nixos-unstable-small 3.21.1
nixos-25.11 3.20.2
- nixos-25.11-small 3.20.2
- nixpkgs-25.11-darwin 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000
nixos-25.11 3.000
- nixos-25.11-small 3.000
- nixpkgs-25.11-darwin 3.000

pkgs.python312Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-25.11 14.0.9
- nixos-25.11-small 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.10
- nixpkgs-unstable 14.0.10
- nixos-unstable-small 14.0.10
nixos-25.11 14.0.9
- nixos-25.11-small 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.10
- nixpkgs-unstable 14.0.10
- nixos-unstable-small 14.0.10

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable 3.21.1
- nixpkgs-unstable 3.21.1
- nixos-unstable-small 3.21.1

pkgs.python312Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-25.11 3.5.5
- nixos-25.11-small 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5
nixos-25.11 3.5.5
- nixos-25.11-small 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@networkException networkException <nix@nwex.de>
@emilylange Emily Lange <nix@emilylange.de>
@yayayayaka Yaya <github@uwu.is>
@TomaSajt TomaSajt
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@teutat3s teutat3s <teutates@mailbox.org>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@iedame Rafael Ieda <git@ieda.me>
@mdaniels5757 Michael Daniels <nix@mdaniels.me>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.netflix

pkgs.chromedriver

pkgs.mkchromecast

pkgs.chrome-export

pkgs.go-chromecast

pkgs.google-chrome

pkgs.xf86videoopenchrome

pkgs.chrome-token-signing

pkgs.chrome-pak-customizer

pkgs.electron-chromedriver

pkgs.xf86-video-openchrome

pkgs.undetected-chromedriver

pkgs.electron-chromedriver_37

pkgs.electron-chromedriver_38

pkgs.electron-chromedriver_39

pkgs.electron-chromedriver_40

pkgs.electron-chromedriver_41

pkgs.xorg.xf86videoopenchrome

pkgs.ocamlPackages.chrome-trace

pkgs.noto-fonts-monochrome-emoji

pkgs.python312Packages.pychromecast

pkgs.python313Packages.pychromecast

pkgs.python314Packages.pychromecast

pkgs.ocamlPackages_latest.chrome-trace

pkgs.python312Packages.undetected-chromedriver

pkgs.python313Packages.undetected-chromedriver

pkgs.python314Packages.undetected-chromedriver

pkgs.grafanaPlugins.ventura-psychrometric-panel

Package maintainers