Nixpkgs security tracker

Details of issue NIXPKGS-2026-1772

NIXPKGS-2026-1772
published on
CVE-2026-44462
6.4 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): Low (L)
  • Availability (A): Low (L)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): Low (L)
  • Modified Availability (MA): Low (L)
updated 12 hours ago by @LeSuisse
Activity log
  • Created suggestion
  • @LeSuisse ignored
    48 packages
    • zed
    • oxidized
    • python314Packages.mkdocs-git-revision-date-localized-plugin
    • python313Packages.mkdocs-git-revision-date-localized-plugin
    • python312Packages.mkdocs-git-revision-date-localized-plugin
    • vscode-extensions.brandonkirbyson.solarized-palenight
    • gnomeExtensions.maximized-by-default-actually-reborn
    • chickenPackages_5.chickenEggs.generalized-arrays
    • vimPlugins.nvim-treesitter-parsers.authzed
    • gnomeExtensions.no-titlebar-when-maximized
    • python314Packages.drf-standardized-errors
    • python312Packages.drf-standardized-errors
    • gnomeExtensions.minimized-windows-buttons
    • perl540Packages.MooseXRoleParameterized
    • perl538Packages.MooseXRoleParameterized
    • gnomeExtensions.truly-maximized-windows
    • perlPackages.MooseXRoleParameterized
    • haskellPackages.hmatrix-vector-sized
    • haskellPackages.sized-wrapper-aeson
    • haskellPackages.parameterized-utils
    • gnomeExtensions.zed-search-provider
    • haskellPackages.sized-wrapper-text
    • python314Packages.parameterized
    • python313Packages.parameterized
    • python312Packages.parameterized
    • gnomeExtensions.hide-minimized
    • haskellPackages.sized-wrapper
    • haskellPackages.parameterized
    • typstPackages.mazed_0_1_0
    • numix-solarized-gtk-theme
    • ocamlPackages_latest.zed
    • ue4demos.stylized_demo
    • zed-discord-presence
    • typstPackages.mazed
    • dircolors-solarized
    • ocamlPackages.zed
    • zed-open-capture
    • nixos-artwork.wallpapers.nineish-solarized-dark
    • haskellPackages.sized-wrapper-quickcheck
    • haskellPackages.vector-sized
    • haskellPackages.bv-sized
    • nerd-fonts.zed-mono
    • guile-colorized
    • spicedb-zed
    • colorized-logs
    • zed-editor-fhs
    • perl5Packages.MooseXRoleParameterized
    • python313Packages.drf-standardized-errors
  • @LeSuisse accepted
  • @LeSuisse published on GitHub
Zed: Allowlist Bypass via Bash Variable Expansion Chain in Terminal Tool Permissions

Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed via bash variable expansion chaining (${var@P}), allowing arbitrary command execution under an allowlisted command prefix. This vulnerability is fixed in 0.229.0.

Affected products

zed
  • < 0.229.0

Matching in nixpkgs

pkgs.zed-editor

High-performance, multiplayer code editor from the creators of Atom and Tree-sitter

Ignored packages (48)

pkgs.zed

Novel data lake based on super-structured data

pkgs.oxidized

Network device configuration backup tool. It's a RANCID replacement

pkgs.colorized-logs

Tools for logs with ANSI color

  • nixos-unstable 2.7
    • nixpkgs-unstable 2.7
    • nixos-unstable-small 2.7
  • nixos-25.11 2.7
    • nixos-25.11-small 2.7
    • nixpkgs-25.11-darwin 2.7

pkgs.zed-editor-fhs

Wrapped variant of zed-editor which launches in a FHS compatible environment. Should allow for easy usage of extensions without nix-specific modifications.

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-25.11 -
    • nixos-25.11-small
    • nixpkgs-25.11-darwin

pkgs.ue4demos.stylized_demo

Unreal Engine 4 Linux demos

  • nixos-25.11 -
    • nixos-25.11-small
    • nixpkgs-25.11-darwin

pkgs.gnomeExtensions.truly-maximized-windows

Maximizes new windows that are in the irritating ALMOST-maximized state. (Probably an xorg issue?)

  • nixos-unstable 2
    • nixpkgs-unstable 2
    • nixos-unstable-small 2
  • nixos-25.11 1
    • nixos-25.11-small 1
    • nixpkgs-25.11-darwin 1

pkgs.gnomeExtensions.minimized-windows-buttons

Shows a button on the bottom (or top) of the screen for each minimized window. Click to maximize again.

  • nixos-unstable 10
    • nixpkgs-unstable 10
    • nixos-unstable-small 10
  • nixos-25.11 5
    • nixos-25.11-small 5
    • nixpkgs-25.11-darwin 5