Dismissed
(not in Nixpkgs)
CVE-2026-41253
6.9 MEDIUM
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Local (L)
- Attack Complexity (AC): High (H)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): Low (L)
- Modified Attack Vector (MAV): Local (L)
- Modified Attack Complexity (MAC): High (H)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): Low (L)
by @LeSuisse
Activity log
- Created suggestion
- @LeSuisse dismissed (not in Nixpkgs)
In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band signaling abuse." This occurs because iTerm2 accepts the SSH conductor protocol from terminal output that does not originate from a legitimate conductor session.
Affected products
iTerm2
- =<3.6.9
Matching in nixpkgs
pkgs.python312Packages.iterm2
Python interface to iTerm2's scripting API
- nixos-25.11 iterm2-2.10
- nixos-25.11-small iterm2-2.10
- nixpkgs-25.11-darwin iterm2-2.10
pkgs.python313Packages.iterm2
Python interface to iTerm2's scripting API
- nixos-unstable iterm2-2.13
- nixpkgs-unstable iterm2-2.13
- nixos-unstable-small iterm2-2.13
- nixos-25.11 iterm2-2.10
- nixos-25.11-small iterm2-2.10
- nixpkgs-25.11-darwin iterm2-2.10
pkgs.python314Packages.iterm2
Python interface to iTerm2's scripting API
- nixos-unstable iterm2-2.13
- nixpkgs-unstable iterm2-2.13
- nixos-unstable-small iterm2-2.13
Package maintainers
- @jeremyschlatter Jeremy Schlatter <github@jeremyschlatter.com>