Nixpkgs security tracker

Published

Permalink CVE-2026-25705

8.4 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): High (H)
User Interaction (UI): Required (R)
Scope (S): Changed (C)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): High (H)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Changed (C)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

updated 1 week, 3 days ago by @LeSuisse Activity log

Created suggestion 1 week, 4 days ago
@LeSuisse ignored
2 packages
- terraform-providers.rancher2
- terraform-providers.rancher_rancher2
1 week, 3 days ago
@LeSuisse accepted 1 week, 3 days ago
@LeSuisse published on GitHub 1 week, 3 days ago

Rancher Extensions have arbitrary file access via path traversal

A vulnerability has been identified in [Rancher's Extensions](https://ranchermanager.docs.rancher.com/integrations-in-rancher/rancher-extensions) where malicious code can be injected in Rancher through a path traversal in the `compressedEndpoint` field inside a `UIPlugin` deployment. A malicious UI extension could abuse that to: * Overwrite Rancher binaries or configuration to inject code. * Write to /var/lib/rancher/ to tamper with cluster state. * If hostPath volumes are mounted, write to the host node filesystem. * Use this issue to chain with other attack vectors.

References

Affected products

github.com/rancher/rancher

<2.12.9
<2.11.13
<2.13.5
<2.14.1

Matching in nixpkgs

pkgs.rancher

CLI tool for interacting with your Rancher Server

nixos-unstable 2.14.1
- nixpkgs-unstable 2.14.1
- nixos-unstable-small 2.14.1
nixos-25.11 2.12.3
- nixos-25.11-small 2.12.3
- nixpkgs-25.11-darwin 2.12.3

Ignored packages (2)

pkgs.terraform-providers.rancher2

None

nixos-unstable rancher2-14.1.0
- nixpkgs-unstable rancher2-14.1.0
- nixos-unstable-small rancher2-14.1.0
nixos-25.11 rancher2-8.3.1
- nixos-25.11-small rancher2-8.3.1
- nixpkgs-25.11-darwin rancher2-8.3.1

pkgs.terraform-providers.rancher_rancher2

None

nixos-unstable rancher2-14.1.0
- nixpkgs-unstable rancher2-14.1.0
- nixos-unstable-small rancher2-14.1.0
nixos-25.11 rancher2-8.3.1
- nixos-25.11-small rancher2-8.3.1
- nixpkgs-25.11-darwin rancher2-8.3.1

Untriaged

Permalink CVE-2026-41050

9.9 CRITICAL

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Changed (C)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Changed (C)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

updated 1 week, 3 days ago by @LeSuisse Activity log

Created suggestion 1 week, 4 days ago
@LeSuisse ignored
2 packages
- terraform-providers.rancher2
- terraform-providers.rancher_rancher2
1 week, 3 days ago

Helm impersonation bypass of `RESTClientGetter` retains `cluster-admin` during template rendering

Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their `GitRepo`.

References

Affected products

github.com/rancher/fleet

<0.11.13
<0.15.1
<0.13.10
<0.12.14
<0.14.5

Matching in nixpkgs

pkgs.rancher

CLI tool for interacting with your Rancher Server

nixos-unstable 2.14.1
- nixpkgs-unstable 2.14.1
- nixos-unstable-small 2.14.1
nixos-25.11 2.12.3
- nixos-25.11-small 2.12.3
- nixpkgs-25.11-darwin 2.12.3

Ignored packages (2)

pkgs.terraform-providers.rancher2

None

nixos-unstable rancher2-14.1.0
- nixpkgs-unstable rancher2-14.1.0
- nixos-unstable-small rancher2-14.1.0
nixos-25.11 rancher2-8.3.1
- nixos-25.11-small rancher2-8.3.1
- nixpkgs-25.11-darwin rancher2-8.3.1

pkgs.terraform-providers.rancher_rancher2

None

nixos-unstable rancher2-14.1.0
- nixpkgs-unstable rancher2-14.1.0
- nixos-unstable-small rancher2-14.1.0
nixos-25.11 rancher2-8.3.1
- nixos-25.11-small rancher2-8.3.1
- nixpkgs-25.11-darwin rancher2-8.3.1

Published

Permalink CVE-2025-67601

8.3 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): High (H)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Changed (C)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Changed (C)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

updated 2 months, 4 weeks ago by @LeSuisse Activity log

Created suggestion 2 months, 4 weeks ago
@LeSuisse ignored
2 packages
- terraform-providers.rancher2
- terraform-providers.rancher_rancher2
2 months, 4 weeks ago
@LeSuisse accepted 2 months, 4 weeks ago
@LeSuisse published on GitHub 2 months, 4 weeks ago

Rancher CLI skips TLS verification on Rancher CLI login command

A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the –cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher’s setting cacerts.

References

Affected products

github.com/rancher/rancher

<2.11.10
<2.10.11
<0.0.0-20260129092249-bb0625fd1896
<2.12.6
<2.13.2

Matching in nixpkgs

pkgs.rancher

Rancher Command Line Interface (CLI) is a unified tool for interacting with your Rancher Server

nixos-unstable 2.13.2
- nixpkgs-unstable 2.13.2
- nixos-unstable-small 2.13.2
nixos-25.11 2.12.3
- nixos-25.11-small 2.12.3
- nixpkgs-25.11-darwin 2.12.3

Ignored packages (2)

pkgs.terraform-providers.rancher2

None

nixos-unstable rancher2-13.1.4
- nixpkgs-unstable rancher2-13.1.4
- nixos-unstable-small rancher2-13.1.4
nixos-25.11 rancher2-8.3.1
- nixos-25.11-small rancher2-8.3.1
- nixpkgs-25.11-darwin rancher2-8.3.1

pkgs.terraform-providers.rancher_rancher2

None

nixos-unstable rancher2-13.1.4
- nixpkgs-unstable rancher2-13.1.4
- nixos-unstable-small rancher2-13.1.4
nixos-25.11 rancher2-8.3.1
- nixos-25.11-small rancher2-8.3.1
- nixpkgs-25.11-darwin rancher2-8.3.1

Package maintainers

@bryanasdev000 Bryan Albuquerque <bryanasdev000@gmail.com>

Upstream advisory: https://github.com/rancher/rancher/security/advisories/GHSA-mc24-7m59-4q5p

Untriaged

Permalink CVE-2025-62878

9.9 CRITICAL

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Changed (C)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Changed (C)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

updated 2 months, 2 weeks ago by @mweinelt Activity log

Created suggestion 2 months, 4 weeks ago
@mweinelt ignored
2 packages
- terraform-providers.rancher2
- terraform-providers.rancher_rancher2
2 months, 2 weeks ago

Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern

A malicious user can manipulate the parameters.pathPattern to create PersistentVolumes in arbitrary locations on the host node, potentially overwriting sensitive files or gaining access to unintended directories.

References

Affected products

github.com/rancher/local-path-provisioner

<0.0.34

Matching in nixpkgs

pkgs.rancher

Rancher Command Line Interface (CLI) is a unified tool for interacting with your Rancher Server

nixos-unstable 2.13.2
- nixpkgs-unstable 2.13.2
- nixos-unstable-small 2.13.2
nixos-25.11 2.12.3
- nixos-25.11-small 2.12.3
- nixpkgs-25.11-darwin 2.12.3

Ignored packages (2)

pkgs.terraform-providers.rancher2

None

nixos-unstable rancher2-13.1.4
- nixpkgs-unstable rancher2-13.1.4
- nixos-unstable-small rancher2-13.1.4
nixos-25.11 rancher2-8.3.1
- nixos-25.11-small rancher2-8.3.1
- nixpkgs-25.11-darwin rancher2-8.3.1

pkgs.terraform-providers.rancher_rancher2

None

nixos-unstable rancher2-13.1.4
- nixpkgs-unstable rancher2-13.1.4
- nixos-unstable-small rancher2-13.1.4
nixos-25.11 rancher2-8.3.1
- nixos-25.11-small rancher2-8.3.1
- nixpkgs-25.11-darwin rancher2-8.3.1

Package maintainers

@bryanasdev000 Bryan Albuquerque <bryanasdev000@gmail.com>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.rancher

pkgs.terraform-providers.rancher2

pkgs.terraform-providers.rancher_rancher2

References

Affected products

Matching in nixpkgs

pkgs.rancher

pkgs.terraform-providers.rancher2

pkgs.terraform-providers.rancher_rancher2

References

Affected products

Matching in nixpkgs

pkgs.rancher

pkgs.terraform-providers.rancher2

pkgs.terraform-providers.rancher_rancher2

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.rancher

pkgs.terraform-providers.rancher2

pkgs.terraform-providers.rancher_rancher2

Package maintainers