Nixpkgs Security Tracker

nixos-unstable 25.12.2
- nixpkgs-unstable 25.12.2
- nixos-unstable-small 25.12.2
nixos-25.11 25.08.3
- nixos-25.11-small 25.08.3
- nixpkgs-25.11-darwin 25.08.3

pkgs.plasma5Packages.kirigami-gallery

View examples of Kirigami components

pkgs.azure-cli-extensions.image-gallery

Support for Azure Image Gallery

nixos-unstable 1.0.0b1
- nixpkgs-unstable 1.0.0b1
- nixos-unstable-small 1.0.0b1
nixos-25.11 1.0.0b1
- nixos-25.11-small 1.0.0b1
- nixpkgs-25.11-darwin 1.0.0b1

pkgs.azure-cli-extensions.gallery-service-artifact

Microsoft Azure Command-Line Tools GalleryServiceArtifact Extension

nixos-unstable 1.0.0b1
- nixpkgs-unstable 1.0.0b1
- nixos-unstable-small 1.0.0b1
nixos-25.11 1.0.0b1
- nixos-25.11-small 1.0.0b1
- nixpkgs-25.11-darwin 1.0.0b1

Package maintainers

@ulrikstrid Ulrik Strid <ulrik.strid@outlook.com>
@katexochen Paul Meyer <katexochen0@gmail.com>
@bjornfor Bjørn Forsman <bjorn.forsman@gmail.com>
@lucasew Lucas Eduardo Wendt <lucas59356@gmail.com>
@dawidsowa Dawid Sowa <dawid_sowa@posteo.net>
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
@peterhoeg Peter Hoeg <peter@hoeg.com>
@K900 Ilya K. <me@0upti.me>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@NickCao Nick Cao <nickcao@nichi.co>
@nyanloutre Paul Trehiou <paul@nyanlout.re>
@FRidh Frederik Rietdijk <fridh@fridh.nl>
@SCOTT-HAMILTON Scott Hamilton <sgn.hamilton@protonmail.com>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@bkchr Bastian Köcher <nixos@kchr.de>
@mjm Matt Moriarity <matt@mattmoriarity.com>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@ShadowRZ 夜坂雅 <shadowrz+nixpkgs@disroot.org>
@OPNA2608 Cosima Neidahl <opna2608@protonmail.com>
@musjj musjj
@yzhou216 Yiyu Zhou <yiyu@yiyuzhou.io>

Permalink CVE-2025-26778

5.9 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): HIGH
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): LOW

created 6 months, 1 week ago

WordPress Gallery Custom Links Plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Gallery allows Stored XSS. This issue affects Gallery: from n/a through 2.2.1.

References

Affected products

gallery

=<2.2.1

Matching in nixpkgs

pkgs.fgallery

Static photo gallery generator

nixos-unstable -
- nixpkgs-unstable 1.9.1

pkgs.gallery-dl

Command-line program to download image-galleries and -collections from several image hosting sites

nixos-unstable -
- nixpkgs-unstable 1.30.7

pkgs.tilinggallery

CLI tool for generating aperiodic tilings

nixos-unstable -
- nixpkgs-unstable 0.3.0

pkgs.lomiri.lomiri-gallery-app

Photo gallery application for Ubuntu Touch devices

nixos-unstable -
- nixpkgs-unstable 3.1.1

pkgs.kdePackages.kirigami-gallery

Kirigami component gallery application

nixos-unstable -
- nixpkgs-unstable 25.08.1

pkgs.azure-cli-extensions.image-gallery

Support for Azure Image Gallery

nixos-unstable -
- nixpkgs-unstable 1.0.0b1

pkgs.azure-cli-extensions.gallery-service-artifact

Microsoft Azure Command-Line Tools GalleryServiceArtifact Extension

nixos-unstable -
- nixpkgs-unstable 1.0.0b1

Package maintainers

@ulrikstrid Ulrik Strid <ulrik.strid@outlook.com>
@katexochen Paul Meyer <katexochen0@gmail.com>
@bjornfor Bjørn Forsman <bjorn.forsman@gmail.com>
@lucasew Lucas Eduardo Wendt <lucas59356@gmail.com>
@FlameFlag FlameFlag <github@flameflag.dev>
@dawidsowa Dawid Sowa <dawid_sowa@posteo.net>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@NickCao Nick Cao <nickcao@nichi.co>
@mjm Matt Moriarity <matt@mattmoriarity.com>
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@K900 Ilya K. <me@0upti.me>
@OPNA2608 Cosima Neidahl <opna2608@protonmail.com>
@yzhou216 Yiyu Zhou <yiyu@yiyuzhou.io>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.fgallery

pkgs.gallery-dl

pkgs.tilinggallery

pkgs.lomiri.lomiri-gallery-app

pkgs.libsForQt5.kirigami-gallery

pkgs.mpvScripts.mpv-gallery-view

pkgs.kdePackages.kirigami-gallery

pkgs.plasma5Packages.kirigami-gallery

pkgs.azure-cli-extensions.image-gallery

pkgs.azure-cli-extensions.gallery-service-artifact

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.fgallery

pkgs.gallery-dl

pkgs.tilinggallery

pkgs.lomiri.lomiri-gallery-app

pkgs.kdePackages.kirigami-gallery

pkgs.azure-cli-extensions.image-gallery

pkgs.azure-cli-extensions.gallery-service-artifact

Package maintainers