Nixpkgs security tracker
5.9 MEDIUM
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Adjacent (A)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): High (H)
- User Interaction (UI): Required (R)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): None (N)
- Modified Attack Vector (MAV): Adjacent (A)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): High (H)
- Modified User Interaction (MUI): Required (R)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): None (N)
by @LeSuisse Activity log
- Created suggestion
- @LeSuisse dismissed (not in Nixpkgs)
SolarWinds Observability Self-Hosted Stored Cross-Site Scripting Vulnerability
SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution.
References
Affected products
- ==2026.1.1 and previous versions
Matching in nixpkgs
pkgs.cloudflare-warp
Replaces the connection between your device and the Internet with a modern, optimized, protocol
-
nixos-unstable 2026.1.150.0
- nixpkgs-unstable 2026.1.150.0
- nixos-unstable-small 2026.1.150.0
pkgs.discourseAllPlugins
Open source discussion platform
-
nixos-unstable -
- nixpkgs-unstable 2026.1.1
pkgs.vaultwarden-webvault
Integrates the web vault into vaultwarden
-
nixos-unstable 2026.1.1+0
- nixpkgs-unstable 2026.1.1+0
- nixos-unstable-small 2026.1.1+0
pkgs.python313Packages.limnoria
Modified version of Supybot, an IRC bot
pkgs.python313Packages.tifffile
Read and write image data from and to TIFF files
pkgs.python314Packages.limnoria
Modified version of Supybot, an IRC bot
pkgs.python314Packages.tifffile
Read and write image data from and to TIFF files
pkgs.matrix-alertmanager-receiver
Alertmanager client that forwards alerts to a Matrix room
pkgs.python313Packages.astropy-iers-data
IERS data maintained by @astrofrog and astropy.utils.iers maintainers
-
nixos-unstable 0.2026.1.19.0.42.31
- nixpkgs-unstable 0.2026.1.19.0.42.31
- nixos-unstable-small 0.2026.1.19.0.42.31
pkgs.python313Packages.trove-classifiers
Canonical source for classifiers on PyPI
-
nixos-unstable 2026.1.14.14
- nixpkgs-unstable 2026.1.14.14
- nixos-unstable-small 2026.1.14.14
pkgs.python314Packages.astropy-iers-data
IERS data maintained by @astrofrog and astropy.utils.iers maintainers
-
nixos-unstable 0.2026.1.19.0.42.31
- nixpkgs-unstable 0.2026.1.19.0.42.31
- nixos-unstable-small 0.2026.1.19.0.42.31
pkgs.python314Packages.trove-classifiers
Canonical source for classifiers on PyPI
-
nixos-unstable 2026.1.14.14
- nixpkgs-unstable 2026.1.14.14
- nixos-unstable-small 2026.1.14.14
pkgs.python313Packages.drf-spectacular-sidecar
Serve self-contained distribution builds of Swagger UI and Redoc with Django
pkgs.python314Packages.drf-spectacular-sidecar
Serve self-contained distribution builds of Swagger UI and Redoc with Django
pkgs.vscode-extensions.ms-python.vscode-pylance
Performant, feature-rich language server for Python in VS Code
Package maintainers
-
@liberodark liberodark <liberodark@gmail.com>
-
@ap-1 Anish Pallati <i@anish.land>
-
@marcusramberg Marcus Ramberg <marcus@means.no>
-
@talyz Kim Lindberger <kim.lindberger@gmail.com>
-
@leona-ya Leona Maroni <nix@leona.is>
-
@lebastr Alexander Lebedev <lebastr@gmail.com>
-
@dotlambda ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FAEFB6177B4672DEE07F9D3AFC62588CCD2631EDCF22E8CCC1FB35B501C9C86 <nix@dotlambda.de>
-
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
-
@EricTheMagician Eric Yen <eric@ericyen.com>