Nixpkgs security tracker

Untriaged

Permalink CVE-2026-2648

created 3 months, 1 week ago Activity log

Created suggestion 3 months, 1 week ago

Heap buffer overflow in PDFium in Google Chrome prior to …

Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file. (Chromium security severity: High)

References

Affected products

Chrome

<145.0.7632.109

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 145.0.7632.67
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.75
nixos-25.11 145.0.7632.75
- nixos-25.11-small 145.0.7632.75
- nixpkgs-25.11-darwin 145.0.7632.75

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21
nixos-25.11 2022-10-31
- nixos-25.11-small 2022-10-31
- nixpkgs-25.11-darwin 2022-10-31

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2
nixos-25.11 2.0.2
- nixos-25.11-small 2.0.2
- nixpkgs-25.11-darwin 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4
nixos-25.11 0.3.4
- nixos-25.11-small 0.3.4
- nixpkgs-25.11-darwin 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 145.0.7632.67
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.75
nixos-25.11 145.0.7632.75
- nixos-25.11-small 145.0.7632.75
- nixpkgs-25.11-darwin 145.0.7632.75

pkgs.xf86videoopenchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5
nixos-25.11 1.1.5
- nixos-25.11-small 1.1.5
- nixpkgs-25.11-darwin 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24
nixos-25.11 2.0-unstable-2021-06-24
- nixos-25.11-small 2.0-unstable-2021-06-24
- nixpkgs-25.11-darwin 2.0-unstable-2021-06-24

pkgs.electron-chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.1
- nixpkgs-unstable 38.8.1
- nixos-unstable-small 38.8.1
nixos-25.11 38.8.0
- nixos-25.11-small 38.8.1
- nixpkgs-25.11-darwin 38.8.1

pkgs.xf86-video-openchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.curl-impersonate-chrome

Special build of curl that can impersonate Chrome & Firefox

nixos-25.11 1.2.0
- nixos-25.11-small 1.2.0
- nixpkgs-25.11-darwin 1.2.0

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 145.0.7632.67
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.75
nixos-25.11 145.0.7632.75
- nixos-25.11-small 145.0.7632.75
- nixpkgs-25.11-darwin 145.0.7632.75

pkgs.electron-chromedriver_33

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_34

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_35

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_36

WebDriver server for running Selenium tests on Chrome

nixos-25.11 36.9.5
- nixos-25.11-small 36.9.5
- nixpkgs-25.11-darwin 36.9.5

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.3
- nixpkgs-unstable 37.10.3
- nixos-unstable-small 37.10.3
nixos-25.11 37.10.3
- nixos-25.11-small 37.10.3
- nixpkgs-25.11-darwin 37.10.3

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.1
- nixpkgs-unstable 38.8.1
- nixos-unstable-small 38.8.1
nixos-25.11 38.8.0
- nixos-25.11-small 38.8.1
- nixpkgs-25.11-darwin 38.8.1

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.5.2
- nixpkgs-unstable 39.5.2
- nixos-unstable-small 39.5.2
nixos-25.11 39.4.0
- nixos-25.11-small 39.5.2
- nixpkgs-25.11-darwin 39.5.2

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable 40.3.0
- nixpkgs-unstable 40.3.0
- nixos-unstable-small 40.3.0
nixos-25.11 40.1.0
- nixos-25.11-small 40.3.0
- nixpkgs-25.11-darwin 40.3.0

pkgs.xorg.xf86videoopenchrome

None

nixos-25.11 0.6.0
- nixos-25.11-small 0.6.0
- nixpkgs-25.11-darwin 0.6.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2
nixos-25.11 3.20.2
- nixos-25.11-small 3.20.2
- nixpkgs-25.11-darwin 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000
nixos-25.11 3.000
- nixos-25.11-small 3.000
- nixpkgs-25.11-darwin 3.000

pkgs.python312Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-25.11 14.0.9
- nixos-25.11-small 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9
nixos-25.11 14.0.9
- nixos-25.11-small 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.python312Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-25.11 3.5.5
- nixos-25.11-small 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5
nixos-25.11 3.5.5
- nixos-25.11-small 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@GGG-KILLER GGG <github@ggg.dev>
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@yayayayaka Yaya <github@uwu.is>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@abbradar Nikolay Amiantov <ab@fmap.me>
@TomaSajt TomaSajt
@teutat3s teutat3s <teutates@mailbox.org>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Untriaged

Permalink CVE-2026-2649

8.8 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 3 months, 1 week ago Activity log

Created suggestion 3 months, 1 week ago

Integer overflow in V8 in Google Chrome prior to 145.0.7632.109 …

Integer overflow in V8 in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

References

Affected products

Chrome

<145.0.7632.109

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 145.0.7632.67
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.75
nixos-25.11 145.0.7632.75
- nixos-25.11-small 145.0.7632.75
- nixpkgs-25.11-darwin 145.0.7632.75

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21
nixos-25.11 2022-10-31
- nixos-25.11-small 2022-10-31
- nixpkgs-25.11-darwin 2022-10-31

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2
nixos-25.11 2.0.2
- nixos-25.11-small 2.0.2
- nixpkgs-25.11-darwin 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4
nixos-25.11 0.3.4
- nixos-25.11-small 0.3.4
- nixpkgs-25.11-darwin 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 145.0.7632.67
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.75
nixos-25.11 145.0.7632.75
- nixos-25.11-small 145.0.7632.75
- nixpkgs-25.11-darwin 145.0.7632.75

pkgs.xf86videoopenchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5
nixos-25.11 1.1.5
- nixos-25.11-small 1.1.5
- nixpkgs-25.11-darwin 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24
nixos-25.11 2.0-unstable-2021-06-24
- nixos-25.11-small 2.0-unstable-2021-06-24
- nixpkgs-25.11-darwin 2.0-unstable-2021-06-24

pkgs.electron-chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.1
- nixpkgs-unstable 38.8.1
- nixos-unstable-small 38.8.1
nixos-25.11 38.8.0
- nixos-25.11-small 38.8.1
- nixpkgs-25.11-darwin 38.8.1

pkgs.xf86-video-openchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.curl-impersonate-chrome

Special build of curl that can impersonate Chrome & Firefox

nixos-25.11 1.2.0
- nixos-25.11-small 1.2.0
- nixpkgs-25.11-darwin 1.2.0

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 145.0.7632.67
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.75
nixos-25.11 145.0.7632.75
- nixos-25.11-small 145.0.7632.75
- nixpkgs-25.11-darwin 145.0.7632.75

pkgs.electron-chromedriver_33

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_34

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_35

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_36

WebDriver server for running Selenium tests on Chrome

nixos-25.11 36.9.5
- nixos-25.11-small 36.9.5
- nixpkgs-25.11-darwin 36.9.5

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.3
- nixpkgs-unstable 37.10.3
- nixos-unstable-small 37.10.3
nixos-25.11 37.10.3
- nixos-25.11-small 37.10.3
- nixpkgs-25.11-darwin 37.10.3

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.1
- nixpkgs-unstable 38.8.1
- nixos-unstable-small 38.8.1
nixos-25.11 38.8.0
- nixos-25.11-small 38.8.1
- nixpkgs-25.11-darwin 38.8.1

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.5.2
- nixpkgs-unstable 39.5.2
- nixos-unstable-small 39.5.2
nixos-25.11 39.4.0
- nixos-25.11-small 39.5.2
- nixpkgs-25.11-darwin 39.5.2

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable 40.3.0
- nixpkgs-unstable 40.3.0
- nixos-unstable-small 40.3.0
nixos-25.11 40.1.0
- nixos-25.11-small 40.3.0
- nixpkgs-25.11-darwin 40.3.0

pkgs.xorg.xf86videoopenchrome

None

nixos-25.11 0.6.0
- nixos-25.11-small 0.6.0
- nixpkgs-25.11-darwin 0.6.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2
nixos-25.11 3.20.2
- nixos-25.11-small 3.20.2
- nixpkgs-25.11-darwin 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000
nixos-25.11 3.000
- nixos-25.11-small 3.000
- nixpkgs-25.11-darwin 3.000

pkgs.python312Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-25.11 14.0.9
- nixos-25.11-small 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9
nixos-25.11 14.0.9
- nixos-25.11-small 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.python312Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-25.11 3.5.5
- nixos-25.11-small 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5
nixos-25.11 3.5.5
- nixos-25.11-small 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@GGG-KILLER GGG <github@ggg.dev>
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@yayayayaka Yaya <github@uwu.is>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@abbradar Nikolay Amiantov <ab@fmap.me>
@TomaSajt TomaSajt
@teutat3s teutat3s <teutates@mailbox.org>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Untriaged

Permalink CVE-2026-1504

6.5 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): None (N)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): None (N)

created 3 months, 4 weeks ago Activity log

Created suggestion 3 months, 4 weeks ago

Inappropriate implementation in Background Fetch API in Google Chrome prior …

Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

References

Affected products

Chrome

<144.0.7559.110

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2022-10-31
- nixpkgs-unstable 2022-10-31
- nixos-unstable-small 2022-10-31

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24

pkgs.curl-impersonate-chrome

Special build of curl that can impersonate Chrome & Firefox

nixos-unstable 1.2.0
- nixpkgs-unstable 1.2.0
- nixos-unstable-small 1.2.0

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.electron-chromedriver_33

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_34

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_35

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_36

WebDriver server for running Selenium tests on Chrome

nixos-unstable 36.9.5
- nixpkgs-unstable 36.9.5
- nixos-unstable-small 36.9.5

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.2
- nixpkgs-unstable 37.10.2
- nixos-unstable-small 37.10.2

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.7.1
- nixpkgs-unstable 38.7.1
- nixos-unstable-small 38.7.1

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.2.3
- nixpkgs-unstable 39.2.3
- nixos-unstable-small 39.2.3

pkgs.xorg.xf86videoopenchrome

None

nixos-unstable 0.6.0
- nixpkgs-unstable 0.6.0
- nixos-unstable-small 0.6.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000

pkgs.python312Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python312Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.0.4
- nixpkgs-unstable 5.0.4
- nixos-unstable-small 5.0.4

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@GGG-KILLER GGG <github@ggg.dev>
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@yayayayaka Yaya <github@uwu.is>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@abbradar Nikolay Amiantov <ab@fmap.me>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Untriaged

Permalink CVE-2025-5805

8.8 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 4 months ago Activity log

Created suggestion 4 months ago

WordPress Electron theme <= 1.8.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ninetheme Electron electron allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Electron: from n/a through <= 1.8.2.

References

https://patchstack.com/database/Wordpress/Theme/electron/vulnerability/wordpres… vdb-entry

Affected products

electron

=<<= 1.8.2

Matching in nixpkgs

pkgs.electron

Cross platform desktop application shell

nixos-unstable -
- nixos-unstable-small 38.7.1

pkgs.electron_36

Cross platform desktop application shell

pkgs.electron_37

Cross platform desktop application shell

nixos-unstable 37.10.2
- nixpkgs-unstable 37.10.2
- nixos-unstable-small 37.10.2

pkgs.electron_38

Cross platform desktop application shell

nixos-unstable 38.7.1
- nixpkgs-unstable 38.7.1
- nixos-unstable-small 38.7.1

pkgs.electron_39

Cross platform desktop application shell

nixos-unstable 39.2.3
- nixpkgs-unstable 39.2.3
- nixos-unstable-small 39.2.3

pkgs.electron-bin

Cross platform desktop application shell

nixos-unstable -
- nixos-unstable-small 38.7.1

pkgs.gfn-electron

Linux Desktop client for Nvidia's GeForce NOW game streaming service

pkgs.electron-cash

Bitcoin Cash SPV Wallet

nixos-unstable 4.4.2
- nixpkgs-unstable 4.4.2
- nixos-unstable-small 4.4.2

pkgs.electron-mail

ElectronMail is an Electron-based unofficial desktop client for ProtonMail

nixos-unstable 5.3.3
- nixpkgs-unstable 5.3.3
- nixos-unstable-small 5.3.3

pkgs.electron-fiddle

Easiest way to get started with Electron

nixos-unstable 0.37.2
- nixpkgs-unstable 0.37.2
- nixos-unstable-small 0.37.2

pkgs.electron_33-bin

Cross platform desktop application shell

pkgs.electron_34-bin

Cross platform desktop application shell

pkgs.electron_35-bin

Cross platform desktop application shell

pkgs.electron_36-bin

Cross platform desktop application shell

nixos-unstable 36.9.5
- nixpkgs-unstable 36.9.5
- nixos-unstable-small 36.9.5

pkgs.electron_37-bin

Cross platform desktop application shell

nixos-unstable 37.10.2
- nixpkgs-unstable 37.10.2
- nixos-unstable-small 37.10.2

pkgs.electron_38-bin

Cross platform desktop application shell

nixos-unstable 38.7.1
- nixpkgs-unstable 38.7.1
- nixos-unstable-small 38.7.1

pkgs.electron_39-bin

Cross platform desktop application shell

nixos-unstable 39.2.3
- nixpkgs-unstable 39.2.3
- nixos-unstable-small 39.2.3

pkgs.todoist-electron

Official Todoist electron app

nixos-unstable 9.18.0
- nixpkgs-unstable 9.18.0
- nixos-unstable-small 9.20.0

pkgs.jitsi-meet-electron

Jitsi Meet desktop application powered by Electron

nixos-unstable 2025.2.0
- nixpkgs-unstable 2025.2.0
- nixos-unstable-small 2025.2.0

pkgs.idrisPackages.electron

Electron bindings for Idris

nixos-unstable 2016-03-07
- nixpkgs-unstable 2016-03-07
- nixos-unstable-small 2016-03-07

pkgs.electron-chromedriver_33

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_34

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_35

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_36

WebDriver server for running Selenium tests on Chrome

nixos-unstable 36.9.5
- nixpkgs-unstable 36.9.5
- nixos-unstable-small 36.9.5

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.2
- nixpkgs-unstable 37.10.2
- nixos-unstable-small 37.10.2

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.7.1
- nixpkgs-unstable 38.7.1
- nixos-unstable-small 38.7.1

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.2.3
- nixpkgs-unstable 39.2.3
- nixos-unstable-small 39.2.3

pkgs.nodePackages.%40electron-forge%2Fcli

A complete tool for building modern Electron applications

pkgs.nodePackages_latest.%40electron-forge%2Fcli

A complete tool for building modern Electron applications

Package maintainers

@teutat3s teutat3s <teutates@mailbox.org>
@TomaSajt TomaSajt
@yayayayaka Yaya <github@uwu.is>
@nyanloutre Paul Trehiou <paul@nyanlout.re>
@oxalica oxalica <oxalicc@pm.me>
@Lassulus Lassulus <lassulus@gmail.com>
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@andersk Anders Kaseorg <andersk@mit.edu>
@Princemachiavelli Josh Hoffer <jhoffer@sansorgan.es>
@pluiedev Leah Amelia Chen <hi@pluie.me>
@brainrake Marton Boros <martonboros@gmail.com>
@novmar Marcel Novotny <novotny@marnov.cz>
@ryantm Ryan Mulligan <ryan@ryantm.com>
@pokon548 Bu Kun <nix@bukn.uk>
@kylesferrazza Kyle Sferrazza <nixpkgs@kylesferrazza.com>

Untriaged

Permalink CVE-2026-0907

9.8 CRITICAL

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 4 months ago Activity log

Created suggestion 4 months ago

Incorrect security UI in Split View in Google Chrome prior …

Incorrect security UI in Split View in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

References

Affected products

Chrome

<144.0.7559.59

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2022-10-31
- nixpkgs-unstable 2022-10-31
- nixos-unstable-small 2022-10-31

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24

pkgs.curl-impersonate-chrome

Special build of curl that can impersonate Chrome & Firefox

nixos-unstable 1.2.0
- nixpkgs-unstable 1.2.0
- nixos-unstable-small 1.2.0

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.electron-chromedriver_33

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_34

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_35

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_36

WebDriver server for running Selenium tests on Chrome

nixos-unstable 36.9.5
- nixpkgs-unstable 36.9.5
- nixos-unstable-small 36.9.5

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.2
- nixpkgs-unstable 37.10.2
- nixos-unstable-small 37.10.2

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.7.1
- nixpkgs-unstable 38.7.1
- nixos-unstable-small 38.7.1

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.2.3
- nixpkgs-unstable 39.2.3
- nixos-unstable-small 39.2.3

pkgs.xorg.xf86videoopenchrome

None

nixos-unstable 0.6.0
- nixpkgs-unstable 0.6.0
- nixos-unstable-small 0.6.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000

pkgs.python312Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python312Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.0.4
- nixpkgs-unstable 5.0.4
- nixos-unstable-small 5.0.4

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@GGG-KILLER GGG <github@ggg.dev>
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@yayayayaka Yaya <github@uwu.is>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@abbradar Nikolay Amiantov <ab@fmap.me>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Untriaged

Permalink CVE-2026-0900

8.8 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 4 months ago Activity log

Created suggestion 4 months ago

Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 …

Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

References

Affected products

Chrome

<144.0.7559.59

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2022-10-31
- nixpkgs-unstable 2022-10-31
- nixos-unstable-small 2022-10-31

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24

pkgs.curl-impersonate-chrome

Special build of curl that can impersonate Chrome & Firefox

nixos-unstable 1.2.0
- nixpkgs-unstable 1.2.0
- nixos-unstable-small 1.2.0

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.electron-chromedriver_33

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_34

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_35

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_36

WebDriver server for running Selenium tests on Chrome

nixos-unstable 36.9.5
- nixpkgs-unstable 36.9.5
- nixos-unstable-small 36.9.5

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.2
- nixpkgs-unstable 37.10.2
- nixos-unstable-small 37.10.2

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.7.1
- nixpkgs-unstable 38.7.1
- nixos-unstable-small 38.7.1

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.2.3
- nixpkgs-unstable 39.2.3
- nixos-unstable-small 39.2.3

pkgs.xorg.xf86videoopenchrome

None

nixos-unstable 0.6.0
- nixpkgs-unstable 0.6.0
- nixos-unstable-small 0.6.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000

pkgs.python312Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python312Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.0.4
- nixpkgs-unstable 5.0.4
- nixos-unstable-small 5.0.4

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@GGG-KILLER GGG <github@ggg.dev>
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@yayayayaka Yaya <github@uwu.is>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@abbradar Nikolay Amiantov <ab@fmap.me>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Untriaged

Permalink CVE-2026-0904

5.4 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): Low (L)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): Low (L)
Modified Availability (MA): None (N)

created 4 months ago Activity log

Created suggestion 4 months ago

Incorrect security UI in Digital Credentials in Google Chrome prior …

Incorrect security UI in Digital Credentials in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)

References

Affected products

Chrome

<144.0.7559.59

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2022-10-31
- nixpkgs-unstable 2022-10-31
- nixos-unstable-small 2022-10-31

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24

pkgs.curl-impersonate-chrome

Special build of curl that can impersonate Chrome & Firefox

nixos-unstable 1.2.0
- nixpkgs-unstable 1.2.0
- nixos-unstable-small 1.2.0

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.electron-chromedriver_33

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_34

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_35

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_36

WebDriver server for running Selenium tests on Chrome

nixos-unstable 36.9.5
- nixpkgs-unstable 36.9.5
- nixos-unstable-small 36.9.5

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.2
- nixpkgs-unstable 37.10.2
- nixos-unstable-small 37.10.2

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.7.1
- nixpkgs-unstable 38.7.1
- nixos-unstable-small 38.7.1

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.2.3
- nixpkgs-unstable 39.2.3
- nixos-unstable-small 39.2.3

pkgs.xorg.xf86videoopenchrome

None

nixos-unstable 0.6.0
- nixpkgs-unstable 0.6.0
- nixos-unstable-small 0.6.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000

pkgs.python312Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python312Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.0.4
- nixpkgs-unstable 5.0.4
- nixos-unstable-small 5.0.4

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@GGG-KILLER GGG <github@ggg.dev>
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@yayayayaka Yaya <github@uwu.is>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@abbradar Nikolay Amiantov <ab@fmap.me>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Untriaged

Permalink CVE-2026-0903

5.4 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): Low (L)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): Low (L)
Modified Availability (MA): None (N)

created 4 months ago Activity log

Created suggestion 4 months ago

Inappropriate implementation in Downloads in Google Chrome on Windows prior …

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 144.0.7559.59 allowed a remote attacker to bypass dangerous file type protections via a malicious file. (Chromium security severity: Medium)

References

Affected products

Chrome

<144.0.7559.59

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2022-10-31
- nixpkgs-unstable 2022-10-31
- nixos-unstable-small 2022-10-31

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24

pkgs.curl-impersonate-chrome

Special build of curl that can impersonate Chrome & Firefox

nixos-unstable 1.2.0
- nixpkgs-unstable 1.2.0
- nixos-unstable-small 1.2.0

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.electron-chromedriver_33

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_34

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_35

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_36

WebDriver server for running Selenium tests on Chrome

nixos-unstable 36.9.5
- nixpkgs-unstable 36.9.5
- nixos-unstable-small 36.9.5

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.2
- nixpkgs-unstable 37.10.2
- nixos-unstable-small 37.10.2

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.7.1
- nixpkgs-unstable 38.7.1
- nixos-unstable-small 38.7.1

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.2.3
- nixpkgs-unstable 39.2.3
- nixos-unstable-small 39.2.3

pkgs.xorg.xf86videoopenchrome

None

nixos-unstable 0.6.0
- nixpkgs-unstable 0.6.0
- nixos-unstable-small 0.6.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000

pkgs.python312Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python312Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.0.4
- nixpkgs-unstable 5.0.4
- nixos-unstable-small 5.0.4

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@GGG-KILLER GGG <github@ggg.dev>
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@yayayayaka Yaya <github@uwu.is>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@abbradar Nikolay Amiantov <ab@fmap.me>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Untriaged

Permalink CVE-2026-0908

8.8 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 4 months ago Activity log

Created suggestion 4 months ago

Use after free in ANGLE in Google Chrome prior to …

Use after free in ANGLE in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

References

Affected products

Chrome

<144.0.7559.59

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2022-10-31
- nixpkgs-unstable 2022-10-31
- nixos-unstable-small 2022-10-31

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24

pkgs.curl-impersonate-chrome

Special build of curl that can impersonate Chrome & Firefox

nixos-unstable 1.2.0
- nixpkgs-unstable 1.2.0
- nixos-unstable-small 1.2.0

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 142.0.7444.175
- nixpkgs-unstable 142.0.7444.175
- nixos-unstable-small 142.0.7444.175

pkgs.electron-chromedriver_33

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_34

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_35

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_36

WebDriver server for running Selenium tests on Chrome

nixos-unstable 36.9.5
- nixpkgs-unstable 36.9.5
- nixos-unstable-small 36.9.5

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.2
- nixpkgs-unstable 37.10.2
- nixos-unstable-small 37.10.2

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.7.1
- nixpkgs-unstable 38.7.1
- nixos-unstable-small 38.7.1

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.2.3
- nixpkgs-unstable 39.2.3
- nixos-unstable-small 39.2.3

pkgs.xorg.xf86videoopenchrome

None

nixos-unstable 0.6.0
- nixpkgs-unstable 0.6.0
- nixos-unstable-small 0.6.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000

pkgs.python312Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python312Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.0.4
- nixpkgs-unstable 5.0.4
- nixos-unstable-small 5.0.4

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@GGG-KILLER GGG <github@ggg.dev>
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@yayayayaka Yaya <github@uwu.is>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@abbradar Nikolay Amiantov <ab@fmap.me>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Untriaged

Permalink CVE-2026-0902

8.8 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 4 months ago Activity log

Created suggestion 4 months ago

Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 …

Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)