Nixpkgs security tracker

Untriaged

Permalink CVE-2026-10890

created 2 weeks, 1 day ago Activity log

Created suggestion 2 weeks, 1 day ago

Use after free in Cast in Google Chrome prior to …

Use after free in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: Critical)

References

Affected products

Chrome

<149.0.7827.53

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-26.05 -
- nixos-26.05-small
- nixpkgs-26.05-darwin

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 148.0.7778.178
- nixpkgs-unstable 148.0.7778.178
- nixos-unstable-small 148.0.7778.178
nixos-26.05 148.0.7778.178
- nixos-26.05-small 148.0.7778.178
- nixpkgs-26.05-darwin 148.0.7778.178

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21
nixos-26.05 2025-12-21
- nixos-26.05-small 2025-12-21
- nixpkgs-26.05-darwin 2025-12-21

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2
nixos-26.05 2.0.2
- nixos-26.05-small 2.0.2
- nixpkgs-26.05-darwin 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4
nixos-26.05 0.3.4
- nixos-26.05-small 0.3.4
- nixpkgs-26.05-darwin 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 148.0.7778.178
- nixpkgs-unstable 148.0.7778.178
- nixos-unstable-small 148.0.7778.178
nixos-26.05 148.0.7778.178
- nixos-26.05-small 148.0.7778.178
- nixpkgs-26.05-darwin 148.0.7778.178

pkgs.xf86videoopenchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225
nixos-26.05 0.6.225
- nixos-26.05-small 0.6.225
- nixpkgs-26.05-darwin 0.6.225

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5
nixos-26.05 1.1.5
- nixos-26.05-small 1.1.5
- nixpkgs-26.05-darwin 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24
nixos-26.05 2.0-unstable-2021-06-24
- nixos-26.05-small 2.0-unstable-2021-06-24
- nixpkgs-26.05-darwin 2.0-unstable-2021-06-24

pkgs.electron-chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 41.6.1
- nixpkgs-unstable 41.6.1
- nixos-unstable-small 41.6.1
nixos-26.05 41.6.1
- nixos-26.05-small 41.6.1
- nixpkgs-26.05-darwin 41.6.1

pkgs.xf86-video-openchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225
nixos-26.05 0.6.225
- nixos-26.05-small 0.6.225
- nixpkgs-26.05-darwin 0.6.225

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 148.0.7778.178
- nixpkgs-unstable 148.0.7778.178
- nixos-unstable-small 148.0.7778.178
nixos-26.05 148.0.7778.178
- nixos-26.05-small 148.0.7778.178
- nixpkgs-26.05-darwin 148.0.7778.178

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.4
- nixpkgs-unstable 38.8.4
- nixos-unstable-small 38.8.4
nixos-26.05 38.8.4
- nixos-26.05-small 38.8.4
- nixpkgs-26.05-darwin 38.8.4

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.8.10
- nixpkgs-unstable 39.8.10
- nixos-unstable-small 39.8.10
nixos-26.05 39.8.10
- nixos-26.05-small 39.8.10
- nixpkgs-26.05-darwin 39.8.10

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable 40.10.0
- nixpkgs-unstable 40.10.0
- nixos-unstable-small 40.10.0
nixos-26.05 40.10.0
- nixos-26.05-small 40.10.0
- nixpkgs-26.05-darwin 40.10.0

pkgs.electron-chromedriver_41

WebDriver server for running Selenium tests on Chrome

nixos-unstable 41.6.1
- nixpkgs-unstable 41.6.1
- nixos-unstable-small 41.6.1
nixos-26.05 41.6.1
- nixos-26.05-small 41.6.1
- nixpkgs-26.05-darwin 41.6.1

pkgs.electron-chromedriver_42

WebDriver server for running Selenium tests on Chrome

nixos-unstable 42.1.0
- nixpkgs-unstable 42.1.0
- nixos-unstable-small 42.1.0
nixos-26.05 42.1.0
- nixos-26.05-small 42.1.0
- nixpkgs-26.05-darwin 42.1.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.21.1
- nixpkgs-unstable 3.21.1
- nixos-unstable-small 3.21.1
nixos-26.05 3.21.1
- nixos-26.05-small 3.21.1
- nixpkgs-26.05-darwin 3.21.1

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000
nixos-26.05 3.000
- nixos-26.05-small 3.000
- nixpkgs-26.05-darwin 3.000

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.10
- nixpkgs-unstable 14.0.10
- nixos-unstable-small 14.0.10
nixos-26.05 14.0.10
- nixos-26.05-small 14.0.10
- nixpkgs-26.05-darwin 14.0.10

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.10
- nixpkgs-unstable 14.0.10
- nixos-unstable-small 14.0.10
nixos-26.05 14.0.10
- nixos-26.05-small 14.0.10
- nixpkgs-26.05-darwin 14.0.10

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable 3.21.1
- nixpkgs-unstable 3.21.1
- nixos-unstable-small 3.21.1
nixos-26.05 3.21.1
- nixos-26.05-small 3.21.1
- nixpkgs-26.05-darwin 3.21.1

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5
nixos-26.05 3.5.5
- nixos-26.05-small 3.5.5
- nixpkgs-26.05-darwin 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5
nixos-26.05 3.5.5
- nixos-26.05-small 3.5.5
- nixpkgs-26.05-darwin 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0
nixos-26.05 5.1.0
- nixos-26.05-small 5.1.0
- nixpkgs-26.05-darwin 5.1.0

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@yayayayaka Yaya <github@uwu.is>
@TomaSajt TomaSajt
@teutat3s teutat3s <teutates@mailbox.org>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@iedame Rafael Ieda <git@ieda.me>
@mdaniels5757 Michael Daniels <nix@mdaniels.me>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.netflix

pkgs.chromedriver

pkgs.mkchromecast

pkgs.chrome-export

pkgs.go-chromecast

pkgs.google-chrome

pkgs.xf86videoopenchrome

pkgs.chrome-token-signing

pkgs.chrome-pak-customizer

pkgs.electron-chromedriver

pkgs.xf86-video-openchrome

pkgs.undetected-chromedriver

pkgs.electron-chromedriver_38

pkgs.electron-chromedriver_39

pkgs.electron-chromedriver_40

pkgs.electron-chromedriver_41

pkgs.electron-chromedriver_42

pkgs.ocamlPackages.chrome-trace

pkgs.noto-fonts-monochrome-emoji

pkgs.python313Packages.pychromecast

pkgs.python314Packages.pychromecast

pkgs.ocamlPackages_latest.chrome-trace

pkgs.python313Packages.undetected-chromedriver

pkgs.python314Packages.undetected-chromedriver

pkgs.grafanaPlugins.ventura-psychrometric-panel

Package maintainers