Nixpkgs security tracker

Dismissed

(not in Nixpkgs)

Permalink CVE-2026-35603

updated 1 week, 2 days ago by @LeSuisse Activity log

Created suggestion 1 week, 4 days ago
@LeSuisse dismissed (not in Nixpkgs) 1 week, 2 days ago

Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows

Claude Code is an agentic coding tool. In versions prior to 2.1.75 on Windows, Claude Code loaded the system-wide default configuration from C:\ProgramData\ClaudeCode\managed-settings.json without validating directory ownership or access permissions. Because the ProgramData directory is writable by non-administrative users by default and the ClaudeCode subdirectory was not pre-created or access-restricted, a low-privileged local user could create this directory and place a malicious configuration file that would be automatically loaded for any user launching Claude Code on the same machine. Exploiting this would have required a shared multi-user Windows system and a victim user to launch Claude Code after the malicious configuration was placed. This issue has been fixed on version 2.1.75.

References

https://github.com/anthropics/claude-code/security/advisories/GHSA-5cwg-9f6j-9jvx x_refsource_CONFIRM

Affected products

claude-code

==< 2.1.75

Matching in nixpkgs

pkgs.claude-code

Agentic coding tool that lives in your terminal, understands your codebase, and helps you code faster

nixos-unstable 2.1.104
- nixpkgs-unstable 2.1.104
- nixos-unstable-small 2.1.107
nixos-25.11 2.1.81
- nixos-25.11-small 2.1.81
- nixpkgs-25.11-darwin 2.1.81

pkgs.claude-code-acp

ACP-compatible coding agent powered by the Claude Code SDK

nixos-25.11 0.10.6
- nixos-25.11-small 0.10.6
- nixpkgs-25.11-darwin 0.10.6

pkgs.claude-code-bin

Agentic coding tool that lives in your terminal, understands your codebase, and helps you code faster

nixos-unstable 2.1.104
- nixpkgs-unstable 2.1.104
- nixos-unstable-small 2.1.107
nixos-25.11 2.1.81
- nixos-25.11-small 2.1.81
- nixpkgs-25.11-darwin 2.1.81

pkgs.claude-code-router

Tool to route Claude Code requests to different models and customize any request

nixos-unstable 2.0.0
- nixpkgs-unstable 2.0.0
- nixos-unstable-small 2.0.0
nixos-25.11 1.0.64
- nixos-25.11-small 1.0.64
- nixpkgs-25.11-darwin 1.0.64

pkgs.gnomeExtensions.claude-code-usage

Display Claude Code usage in the top panel. This extension uses anthropic.com services. This extension is not affiliated, funded, or in any way associated with Claude.

nixos-unstable 4
- nixpkgs-unstable 4
- nixos-unstable-small 4

pkgs.gnomeExtensions.claude-code-switcher

A GNOME shell extension for quickly switching Claude Code API providers with enhanced performance and reliability.

nixos-unstable 13
- nixpkgs-unstable 13
- nixos-unstable-small 13
nixos-25.11 13
- nixos-25.11-small 13
- nixpkgs-25.11-darwin 13

pkgs.vscode-extensions.anthropic.claude-code

Harness the power of Claude Code without leaving your IDE

nixos-unstable 2.1.101
- nixpkgs-unstable 2.1.101
- nixos-unstable-small 2.1.107
nixos-25.11 2.1.81
- nixos-25.11-small 2.1.81
- nixpkgs-25.11-darwin 2.1.81

pkgs.gnomeExtensions.claude-code-usage-indicator

Shows remaining time and usage percentage for Claude Code sessions in the top panel. Displays format like '3h 12m (30%)' showing both time remaining and percentage consumed. Automatically refreshes every 5 minutes.

nixos-unstable 3
- nixpkgs-unstable 3
- nixos-unstable-small 3
nixos-25.11 3
- nixos-25.11-small 3
- nixpkgs-25.11-darwin 3

Package maintainers

@xiaoxiangmoe ZHAO JinXiang <xiaoxiangmoe@gmail.com>
@markus1189 Markus Hauck <markus1189@gmail.com>
@omarjatoi Omar Jatoi
@malob Malo Bourgon <mbourgon@gmail.com>
@adeci Alex Decious <alex.decious@gmail.com>
@storopoli Jose Storopoli <jose@storopoli.com>
@mirkolenz Mirko Lenz <mirko@mirkolenz.com>
@Prince213 Sizhe Zhao <prc.zhao@outlook.com>
@honnip Jung seungwoo <me@honnip.page>

Dismissed

(not in Nixpkgs)

Permalink CVE-2025-15101

updated 1 month ago by @LeSuisse Activity log

Created suggestion 1 month ago
@LeSuisse dismissed (not in Nixpkgs) 1 month ago

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in …

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Web management interface of certain ASUS router models. This vulnerability potentially allows actions to be performed with the existing privileges of an authenticated user on the affected device, including the ability to execute system commands through unintended mechanisms. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

References

https://www.asus.com/security-advisory/ vendor-advisory

Affected products

Router

==3.0.0.6_102

Matching in nixpkgs

pkgs.router

Configurable, high-performance routing runtime for Apollo Federation

nixos-unstable 1.56.0
- nixpkgs-unstable 1.56.0
- nixos-unstable-small 1.56.0
nixos-25.11 1.56.0
- nixos-25.11-small 1.56.0
- nixpkgs-25.11-darwin 1.56.0

pkgs.kube-router

All-in-one router, firewall and service proxy for Kubernetes

nixos-unstable 2.7.1
- nixpkgs-unstable 2.7.1
- nixos-unstable-small 2.7.1
nixos-25.11 2.6.2
- nixos-25.11-small 2.6.2
- nixpkgs-25.11-darwin 2.6.2

pkgs.linux-router

Set Linux as router / Wifi hotspot / proxy in one command

nixos-unstable 0.8.1
- nixpkgs-unstable 0.8.1
- nixos-unstable-small 0.8.1
nixos-25.11 0.8.1
- nixos-25.11-small 0.8.1
- nixpkgs-25.11-darwin 0.8.1

pkgs.routersploit

Exploitation Framework for Embedded Devices

nixos-unstable 3.4.7
- nixpkgs-unstable 3.4.7
- nixos-unstable-small 3.4.7
nixos-25.11 3.4.7
- nixos-25.11-small 3.4.7
- nixpkgs-25.11-darwin 3.4.7

pkgs.invidious-router

Go application that routes requests to different Invidious instances based on their health status and (optional) response time

nixos-unstable 1.2
- nixpkgs-unstable 1.2
- nixos-unstable-small 1.2
nixos-25.11 1.2
- nixos-25.11-small 1.2
- nixpkgs-25.11-darwin 1.2

pkgs.claude-code-router

Tool to route Claude Code requests to different models and customize any request

nixos-unstable 2.0.0
- nixpkgs-unstable 2.0.0
- nixos-unstable-small 2.0.0
nixos-25.11 1.0.64
- nixos-25.11-small 1.0.64
- nixpkgs-25.11-darwin 1.0.64

pkgs.upnp-router-control

Access some parameters of the router and manage port forwarding

nixos-unstable 0.3.5
- nixpkgs-unstable 0.3.5
- nixos-unstable-small 0.3.5
nixos-25.11 0.3.5
- nixos-25.11-small 0.3.5
- nixpkgs-25.11-darwin 0.3.5

pkgs.linux-router-without-wifi

Set Linux as router / Wifi hotspot / proxy in one command

nixos-unstable 0.8.1
- nixpkgs-unstable 0.8.1
- nixos-unstable-small 0.8.1
nixos-25.11 0.8.1
- nixos-25.11-small 0.8.1
- nixpkgs-25.11-darwin 0.8.1

pkgs.python312Packages.asusrouter

API wrapper for communication with ASUSWRT-powered routers using HTTP protocol

nixos-25.11 1.21.0
- nixos-25.11-small 1.21.0
- nixpkgs-25.11-darwin 1.21.0

pkgs.python313Packages.asusrouter

API wrapper for communication with ASUSWRT-powered routers using HTTP protocol

nixos-unstable 1.21.3
- nixpkgs-unstable 1.21.3
- nixos-unstable-small 1.21.3
nixos-25.11 1.21.0
- nixos-25.11-small 1.21.0
- nixpkgs-25.11-darwin 1.21.0

pkgs.python314Packages.asusrouter

API wrapper for communication with ASUSWRT-powered routers using HTTP protocol

nixos-unstable 1.21.3
- nixpkgs-unstable 1.21.3
- nixos-unstable-small 1.21.3

pkgs.terraform-providers.routeros

None

nixos-unstable 1.99.1
- nixpkgs-unstable 1.99.1
- nixos-unstable-small 1.99.1
nixos-25.11 1.92.1
- nixos-25.11-small 1.92.1
- nixpkgs-25.11-darwin 1.92.1

pkgs.haskellPackages.gemini-router

A simple Happstack-style Gemini router

nixos-unstable 0.1.2.0
- nixpkgs-unstable 0.1.2.0
- nixos-unstable-small 0.1.2.0
nixos-25.11 0.1.2.0
- nixos-25.11-small 0.1.2.0
- nixpkgs-25.11-darwin 0.1.2.0

pkgs.open-music-kontrollers.router

Atom/Audio/CV router LV2 plugin bundle

nixos-unstable 2021-04-13
- nixpkgs-unstable 2021-04-13
- nixos-unstable-small 2021-04-13
nixos-25.11 2021-04-13
- nixos-25.11-small 2021-04-13
- nixpkgs-25.11-darwin 2021-04-13