Nixpkgs security tracker
9.8 CRITICAL
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): High (H)
by @LeSuisse Activity log
- Created suggestion
- @LeSuisse dismissed (not in Nixpkgs)
Hardcoded credentials in Yarbo robot firmware
Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are identical across all devices running this firmware and cannot be changed or removed by end users, enabling trivial unauthorized access to device management interfaces by anyone who knows them.
References
Affected products
- =<2.3.9
Matching in nixpkgs
pkgs.zd1211fw
Firmware for the ZyDAS ZD1211(b) 802.11a/b/g USB WLAN chip
pkgs.sof-firmware
Sound Open Firmware
pkgs.alsa-firmware
Soundcard firmwares from the alsa project
pkgs.ivsc-firmware
Firmware binaries for the Intel Vision Sensing Controller
-
nixos-unstable 2024-06-14
- nixpkgs-unstable 2024-06-14
- nixos-unstable-small 2024-06-14
-
nixos-25.11 2024-06-14
- nixos-25.11-small 2024-06-14
- nixpkgs-25.11-darwin 2024-06-14
pkgs.raspberrypifw
Firmware for the Raspberry Pi board
-
nixos-unstable 1.20250430
- nixpkgs-unstable 1.20250430
- nixos-unstable-small 1.20250430
-
nixos-25.11 1.20250430
- nixos-25.11-small 1.20250430
- nixpkgs-25.11-darwin 1.20250430
pkgs.gnome-firmware
Tool for installing firmware on devices
pkgs.linux-firmware
Binary firmware collection packaged by kernel.org
pkgs.rt5677-firmware
Firmware for Realtek rt5677 device
pkgs.armbian-firmware
Firmware from Armbian
-
nixos-unstable 0-unstable-2023-09-16
- nixpkgs-unstable 0-unstable-2023-09-16
- nixos-unstable-small 0-unstable-2023-09-16
-
nixos-25.11 0-unstable-2023-09-16
- nixos-25.11-small 0-unstable-2023-09-16
- nixpkgs-25.11-darwin 0-unstable-2023-09-16
pkgs.firmware-manager
Graphical frontend for firmware management
pkgs.firmware-updater
Firmware Updater for Linux
-
nixos-unstable 0-unstable-2025-09-09
- nixpkgs-unstable 0-unstable-2025-09-09
- nixos-unstable-small 0-unstable-2025-09-09
-
nixos-25.11 0-unstable-2025-09-09
- nixos-25.11-small 0-unstable-2025-09-09
- nixpkgs-25.11-darwin 0-unstable-2025-09-09
pkgs.ipw2200-firmware
Firmware for Intel 2200BG cards
pkgs.klipper-firmware
Firmware part of Klipper
-
nixos-unstable 0.13.0-unstable-2026-03-21
- nixpkgs-unstable 0.13.0-unstable-2026-03-21
- nixos-unstable-small 0.13.0-unstable-2026-03-21
-
nixos-25.11 0.13.0-unstable-2026-01-02
- nixos-25.11-small 0.13.0-unstable-2026-01-02
- nixpkgs-25.11-darwin 0.13.0-unstable-2026-01-02
pkgs.rtl8761b-firmware
Firmware for Realtek RTL8761b
pkgs.system76-firmware
Tools for managing firmware updates for system76 devices
pkgs.rtl8192su-firmware
Firmware for Realtek RTL8188SU/RTL8191SU/RTL8192SU
-
nixos-unstable 0-unstable-2016-10-05
- nixpkgs-unstable 0-unstable-2016-10-05
- nixos-unstable-small 0-unstable-2016-10-05
-
nixos-25.11 0-unstable-2016-10-05
- nixos-25.11-small 0-unstable-2016-10-05
- nixpkgs-25.11-darwin 0-unstable-2016-10-05
pkgs.b43Firmware_5_1_138
Firmware for cards supported by the b43 kernel module
pkgs.facetimehd-firmware
facetimehd firmware
pkgs.intel2200BGFirmware
Firmware for Intel 2200BG cards
pkgs.xow_dongle-firmware
Xbox One wireless dongle firmware
-
nixos-25.11 0-unstable-2025-04-22
- nixos-25.11-small 0-unstable-2025-04-22
- nixpkgs-25.11-darwin 0-unstable-2025-04-22
pkgs.broadcom-bt-firmware
Firmware for Broadcom WIDCOMM® Bluetooth devices
-
nixos-unstable 12.0.1.1012
- nixpkgs-unstable 12.0.1.1012
- nixos-unstable-small 12.0.1.1012
-
nixos-25.11 12.0.1.1012
- nixos-25.11-small 12.0.1.1012
- nixpkgs-25.11-darwin 12.0.1.1012
pkgs.uefi-firmware-parser
Tool for parsing, extracting, and recreating UEFI firmware volumes
pkgs.xone-dongle-firmware
Xbox One wireless dongle firmware
-
nixos-unstable 0-unstable-2025-12-18
- nixpkgs-unstable 0-unstable-2025-12-18
- nixos-unstable-small 0-unstable-2025-12-18
pkgs.nitrokey-pro-firmware
Firmware for the Nitrokey Pro device
pkgs.armTrustedFirmwareQemu
Reference implementation of secure world software for ARMv8-A
pkgs.armTrustedFirmwareS905
Reference implementation of secure world software for ARMv8-A
pkgs.libreelec-dvb-firmware
DVB firmware from LibreELEC
pkgs.armTrustedFirmwareTools
Reference implementation of secure world software for ARMv8-A
pkgs.b43Firmware_6_30_163_46
Firmware for cards supported by the b43 kernel module
-
nixos-unstable 6.30.163.46
- nixpkgs-unstable 6.30.163.46
- nixos-unstable-small 6.30.163.46
-
nixos-25.11 6.30.163.46
- nixos-25.11-small 6.30.163.46
- nixpkgs-25.11-darwin 6.30.163.46
pkgs.nitrokey-fido2-firmware
Firmware for the Nitrokey FIDO2 device
-
nixos-25.11 fido2-firmware-2.4.1
- nixos-25.11-small fido2-firmware-2.4.1
- nixpkgs-25.11-darwin fido2-firmware-2.4.1
pkgs.nitrokey-start-firmware
Firmware for the Nitrokey Start device
pkgs.sigrok-firmware-fx2lafw
Firmware for FX2 logic analyzers
-
nixos-unstable fx2lafw-0.1.7-unstable-2024-02-03
- nixpkgs-unstable fx2lafw-0.1.7-unstable-2024-02-03
- nixos-unstable-small fx2lafw-0.1.7-unstable-2024-02-03
-
nixos-25.11 fx2lafw-0.1.7-unstable-2024-02-03
- nixos-25.11-small fx2lafw-0.1.7-unstable-2024-02-03
- nixpkgs-25.11-darwin fx2lafw-0.1.7-unstable-2024-02-03
pkgs.armTrustedFirmwareRK3328
Reference implementation of secure world software for ARMv8-A
-
nixos-unstable rk3328-2.14.0
- nixpkgs-unstable rk3328-2.14.0
- nixos-unstable-small rk3328-2.14.0
-
nixos-25.11 rk3328-2.13.0
- nixos-25.11-small rk3328-2.13.0
- nixpkgs-25.11-darwin rk3328-2.13.0
pkgs.armTrustedFirmwareRK3399
Reference implementation of secure world software for ARMv8-A
-
nixos-unstable rk3399-2.14.0
- nixpkgs-unstable rk3399-2.14.0
- nixos-unstable-small rk3399-2.14.0
-
nixos-25.11 rk3399-2.13.0
- nixos-25.11-small rk3399-2.13.0
- nixpkgs-25.11-darwin rk3399-2.13.0
pkgs.armTrustedFirmwareRK3568
Reference implementation of secure world software for ARMv8-A
-
nixos-unstable rk3568-2.14.0
- nixpkgs-unstable rk3568-2.14.0
- nixos-unstable-small rk3568-2.14.0
-
nixos-25.11 rk3568-2.13.0
- nixos-25.11-small rk3568-2.13.0
- nixpkgs-25.11-darwin rk3568-2.13.0
pkgs.armTrustedFirmwareRK3588
Reference implementation of secure world software for ARMv8-A
-
nixos-unstable rk3588-2.14.0
- nixpkgs-unstable rk3588-2.14.0
- nixos-unstable-small rk3588-2.14.0
-
nixos-25.11 rk3588-2.13.0
- nixos-25.11-small rk3588-2.13.0
- nixpkgs-25.11-darwin rk3588-2.13.0
pkgs.nitrokey-storage-firmware
Firmware for the Nitrokey Storage device
pkgs.armTrustedFirmwareAllwinner
Reference implementation of secure world software for ARMv8-A
-
nixos-unstable sun50i_a64-2.14.0
- nixpkgs-unstable sun50i_a64-2.14.0
- nixos-unstable-small sun50i_a64-2.14.0
-
nixos-25.11 sun50i_a64-2.13.0
- nixos-25.11-small sun50i_a64-2.13.0
- nixpkgs-25.11-darwin sun50i_a64-2.13.0
pkgs.ath9k-htc-blobless-firmware
Blobless, open source wifi firmware for ath9k_htc.ko
pkgs.raspberrypiWirelessFirmware
Firmware for builtin Wifi/Bluetooth devices in the Raspberry Pi 3+ and Zero W
-
nixos-unstable 0-unstable-2025-04-08
- nixpkgs-unstable 0-unstable-2025-04-08
- nixos-unstable-small 0-unstable-2025-04-08
-
nixos-25.11 0-unstable-2025-04-08
- nixos-25.11-small 0-unstable-2025-04-08
- nixpkgs-25.11-darwin 0-unstable-2025-04-08
pkgs.nitrokey-trng-rs232-firmware
Firmware for the Nitrokey TRNG RS232 device
-
nixos-unstable rs232-firmware-1.0.0
- nixpkgs-unstable rs232-firmware-1.0.0
- nixos-unstable-small rs232-firmware-1.0.0
-
nixos-25.11 rs232-firmware-1.0.0
- nixos-25.11-small rs232-firmware-1.0.0
- nixpkgs-25.11-darwin rs232-firmware-1.0.0
pkgs.armTrustedFirmwareAllwinnerH6
Reference implementation of secure world software for ARMv8-A
-
nixos-unstable sun50i_h6-2.14.0
- nixpkgs-unstable sun50i_h6-2.14.0
- nixos-unstable-small sun50i_h6-2.14.0
-
nixos-25.11 sun50i_h6-2.13.0
- nixos-25.11-small sun50i_h6-2.13.0
- nixpkgs-25.11-darwin sun50i_h6-2.13.0
pkgs.armTrustedFirmwareAllwinnerH616
Reference implementation of secure world software for ARMv8-A
-
nixos-unstable sun50i_h616-2.14.0
- nixpkgs-unstable sun50i_h616-2.14.0
- nixos-unstable-small sun50i_h616-2.14.0
-
nixos-25.11 sun50i_h616-2.13.0
- nixos-25.11-small sun50i_h616-2.13.0
- nixpkgs-25.11-darwin sun50i_h616-2.13.0
pkgs.python312Packages.virt-firmware
Tools for virtual machine firmware volumes
pkgs.python313Packages.virt-firmware
Tools for virtual machine firmware volumes
pkgs.python314Packages.virt-firmware
Tools for virtual machine firmware volumes
pkgs.ath9k-htc-blobless-firmware-unstable
Blobless, open source wifi firmware for ath9k_htc.ko
-
nixos-unstable 2022-05-22
- nixpkgs-unstable 2022-05-22
- nixos-unstable-small 2022-05-22
-
nixos-25.11 2022-05-22
- nixos-25.11-small 2022-05-22
- nixpkgs-25.11-darwin 2022-05-22
pkgs.azure-cli-extensions.firmwareanalysis
Microsoft Azure Command-Line Tools Firmwareanalysis Extension
pkgs.python313Packages.uefi-firmware-parser
Tool for parsing, extracting, and recreating UEFI firmware volumes
pkgs.python314Packages.uefi-firmware-parser
Tool for parsing, extracting, and recreating UEFI firmware volumes
pkgs.ghidra-extensions.ghidra-firmware-utils
Ghidra utilities for analyzing PC firmware
-
nixos-unstable 2026.01.14
- nixpkgs-unstable 2026.01.14
- nixos-unstable-small 2026.01.14
-
nixos-25.11 2024.04.20
- nixos-25.11-small 2024.04.20
- nixpkgs-25.11-darwin 2024.04.20
pkgs.python313Packages.ha-silabs-firmware-client
Home Assistant client for firmwares released with silabs-firmware-builder
pkgs.python314Packages.ha-silabs-firmware-client
Home Assistant client for firmwares released with silabs-firmware-builder
Package maintainers
-
@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>
-
@zaldnoay Zunway Liang <zunway@outlook.com>
-
@katexochen Paul Meyer <katexochen0@gmail.com>
-
@zraexy David Mell <zraexy@gmail.com>
-
@womfoo Kranium Gikos Mendoza <kranium@gikos.net>
-
@shlevy Shea Levy <shea@shealevy.com>
-
@mkg20001 Maciej Krüger <mkg20001+nix@gmail.com>
-
@timschumi Tim Schumacher <timschumi@gmx.de>
-
@vringar Stefan Zabka <git@zabka.it>
-
@hexadecimalDinosaur Ivy Fan-Chiang <dev@ivyfanchiang.ca>
-
@hedning Tor Hedin Brønner <torhedinbronner@gmail.com>
-
@bobby285271 Bobby Rong <rjl931189261@126.com>
-
@jtojnar Jan Tojnar <jtojnar@gmail.com>
-
@dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>
-
@sternenseemann Lukas Epple <sternenseemann@systemli.org>
-
@cab404 Vladimir Serov <cab404@mailbox.org>
-
@vtuan10 Van Tuan Vo <mail@tuan-vo.de>
-
@kittywitch Kat Inskip <kat@inskip.me>
-
@fpletz Franz Pletz <fpletz@fnordicwalking.de>
-
@amerinor01 Alberto Merino <amerinor01@gmail.com>
-
@imadnyc Abdullah Imad <me@imad.nyc>
-
@kiike Enric Morales <me@enric.me>
-
@dotlambda ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FAEFB6177B4672DEE07F9D3AFC62588CCD2631EDCF22E8CCC1FB35B501C9C86 <nix@dotlambda.de>
-
@RaitoBezarius Ryan Lahfa <ryan@lahfa.xyz>
-
@zohl Al Zohali <zohl@fmap.me>
-
@Mic92 Jörg Thalheim <joerg@thalheim.io>
-
@milibopp Emilia Bopp <contact@ebopp.de>
-
@vifino Adrian Pistol <vifino@tty.sh>
-
@panicgh Nicolas Benes <nbenes.gh@xandea.de>
-
@lblasc Luka Blaskovic <lblasc@znode.net>
-
@evenbrenden Even Brenden <packages@anythingexternal.com>
-
@hmenke Henri Menke <henri@henrimenke.de>
-
@fxzzi Faaris Ansari <faaris.ansari@proton.me>
-
@rhysmdnz Rhys Davies <rhys@memes.nz>