Nixpkgs security tracker

Permalink CVE-2026-3939

created 3 months, 1 week ago Activity log

Created suggestion 3 months, 1 week ago

Insufficient policy enforcement in PDF in Google Chrome prior to …

Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file. (Chromium security severity: Low)

References

Affected products

Chrome

<146.0.7680.71

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 146.0.7680.71

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 145.0.7632.159

pkgs.xf86videoopenchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24

pkgs.electron-chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.4
- nixpkgs-unstable 38.8.4
- nixos-unstable-small 38.8.4

pkgs.xf86-video-openchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 146.0.7680.71

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.3
- nixpkgs-unstable 37.10.3
- nixos-unstable-small 37.10.3

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.4
- nixpkgs-unstable 38.8.4
- nixos-unstable-small 38.8.4

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.7.0
- nixpkgs-unstable 39.7.0
- nixos-unstable-small 39.7.0

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable 40.6.1
- nixpkgs-unstable 40.6.1
- nixos-unstable-small 40.6.1

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000

pkgs.python312Packages.pychromecast

None

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.python312Packages.undetected-chromedriver

None

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@teutat3s teutat3s <teutates@mailbox.org>
@yayayayaka Yaya <github@uwu.is>
@TomaSajt TomaSajt
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@iedame Rafael Ieda <git@ieda.me>
@mdaniels5757 Michael Daniels <nix@mdaniels.me>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Permalink CVE-2026-32062

7.5 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): High (H)

created 3 months, 1 week ago Activity log

Created suggestion 3 months, 1 week ago

OpenClaw 2026.2.21-2 < 2026.2.22 - Unauthenticated WebSocket Resource Exhaustion via Media Stream

OpenClaw versions2026.2.21-2 prior to 2026.2.22 and @openclaw/voice-call versions 2026.2.21 prior to 2026.2.22 accept media-stream WebSocket upgrades before stream validation, allowing unauthenticated clients to establish connections. Remote attackers can hold idle pre-authenticated sockets open to consume connection resources and degrade service availability for legitimate streams.

References

GitHub Security Advisory (GHSA-mfg5-7q5g-f37j) vendor-advisory
Patch Commit patch
VulnCheck Advisory: OpenClaw 2026.2.21-2 < 2026.2.22 - Unauthenticated WebSocket Resource Exhaustion via Media Stream third-party-advisory

Affected products

openclaw

==2026.2.22
<2026.2.22

voice-call

==2026.2.21
==2026.2.22

Matching in nixpkgs

pkgs.openclaw

Self-hosted, open-source AI assistant/agent

nixos-unstable 2026.2.26
- nixpkgs-unstable 2026.2.26
- nixos-unstable-small 2026.2.26

Package maintainers

@chrisportela Chris Portela <chris@chrisportela.com>

Permalink CVE-2026-31954

0.0 NONE

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): None (N)

created 3 months, 1 week ago Activity log

Created suggestion 3 months, 1 week ago

Emlog asynchronous media file deletion missing CSRF protection

Emlog is an open source website building system. In 2.6.6 and earlier, the delete_async action (asynchronous delete) lacks a call to LoginAuth::checkToken(), enabling CSRF attacks.

References

https://github.com/emlog/emlog/security/advisories/GHSA-xc26-93qj-rcrw x_refsource_CONFIRM

Affected products

emlog

==<= 2.6.6

Matching in nixpkgs

pkgs.libsForQt5.ksystemlog

None

pkgs.kdePackages.ksystemlog

KDE SystemLog Application

nixos-unstable 25.12.3
- nixpkgs-unstable 25.12.3
- nixos-unstable-small 25.12.3

pkgs.plasma5Packages.ksystemlog

None

Package maintainers

@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
@K900 Ilya K. <me@0upti.me>
@nyanloutre Paul Trehiou <paul@nyanlout.re>
@bkchr Bastian Köcher <nixos@kchr.de>
@mjm Matt Moriarity <matt@mattmoriarity.com>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@FRidh Frederik Rietdijk <fridh@fridh.nl>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@NickCao Nick Cao <nickcao@nichi.co>
@peterhoeg Peter Hoeg <peter@hoeg.com>

Permalink CVE-2026-3918

created 3 months, 1 week ago Activity log

Created suggestion 3 months, 1 week ago

Use after free in WebMCP in Google Chrome prior to …

Use after free in WebMCP in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

References

Affected products

Chrome

<146.0.7680.71

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 146.0.7680.71

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 145.0.7632.159

pkgs.xf86videoopenchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24

pkgs.electron-chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.4
- nixpkgs-unstable 38.8.4
- nixos-unstable-small 38.8.4

pkgs.xf86-video-openchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.curl-impersonate-chrome

None

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 146.0.7680.71

pkgs.electron-chromedriver_33

None

pkgs.electron-chromedriver_34

None

pkgs.electron-chromedriver_35

None

pkgs.electron-chromedriver_36

None

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.3
- nixpkgs-unstable 37.10.3
- nixos-unstable-small 37.10.3

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.4
- nixpkgs-unstable 38.8.4
- nixos-unstable-small 38.8.4

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.7.0
- nixpkgs-unstable 39.7.0
- nixos-unstable-small 39.7.0

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable 40.6.1
- nixpkgs-unstable 40.6.1
- nixos-unstable-small 40.6.1

pkgs.xorg.xf86videoopenchrome

None

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000

pkgs.python312Packages.pychromecast

None

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.python312Packages.undetected-chromedriver

None

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@teutat3s teutat3s <teutates@mailbox.org>
@yayayayaka Yaya <github@uwu.is>
@TomaSajt TomaSajt
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@iedame Rafael Ieda <git@ieda.me>
@mdaniels5757 Michael Daniels <nix@mdaniels.me>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Permalink CVE-2026-3919

created 3 months, 1 week ago Activity log

Created suggestion 3 months, 1 week ago

Use after free in Extensions in Google Chrome prior to …

Use after free in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

References

Affected products

Chrome

<146.0.7680.71

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 146.0.7680.71

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 145.0.7632.159

pkgs.xf86videoopenchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24

pkgs.electron-chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.4
- nixpkgs-unstable 38.8.4
- nixos-unstable-small 38.8.4

pkgs.xf86-video-openchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.curl-impersonate-chrome

None

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 146.0.7680.71

pkgs.electron-chromedriver_33

None

pkgs.electron-chromedriver_34

None

pkgs.electron-chromedriver_35

None

pkgs.electron-chromedriver_36

None

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.3
- nixpkgs-unstable 37.10.3
- nixos-unstable-small 37.10.3

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.4
- nixpkgs-unstable 38.8.4
- nixos-unstable-small 38.8.4

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.7.0
- nixpkgs-unstable 39.7.0
- nixos-unstable-small 39.7.0

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable 40.6.1
- nixpkgs-unstable 40.6.1
- nixos-unstable-small 40.6.1

pkgs.xorg.xf86videoopenchrome

None

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000

pkgs.python312Packages.pychromecast

None

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.python312Packages.undetected-chromedriver

None

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@teutat3s teutat3s <teutates@mailbox.org>
@yayayayaka Yaya <github@uwu.is>
@TomaSajt TomaSajt
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@iedame Rafael Ieda <git@ieda.me>
@mdaniels5757 Michael Daniels <nix@mdaniels.me>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Permalink CVE-2026-3941

created 3 months, 1 week ago Activity log

Created suggestion 3 months, 1 week ago

Insufficient policy enforcement in DevTools in Google Chrome prior to …

Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

References

Affected products

Chrome

<146.0.7680.71

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 146.0.7680.71

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 145.0.7632.159

pkgs.xf86videoopenchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24

pkgs.electron-chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.4
- nixpkgs-unstable 38.8.4
- nixos-unstable-small 38.8.4

pkgs.xf86-video-openchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.curl-impersonate-chrome

None

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 146.0.7680.71

pkgs.electron-chromedriver_33

None

pkgs.electron-chromedriver_34

None

pkgs.electron-chromedriver_35

None

pkgs.electron-chromedriver_36

None

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.3
- nixpkgs-unstable 37.10.3
- nixos-unstable-small 37.10.3

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.4
- nixpkgs-unstable 38.8.4
- nixos-unstable-small 38.8.4

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.7.0
- nixpkgs-unstable 39.7.0
- nixos-unstable-small 39.7.0

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable 40.6.1
- nixpkgs-unstable 40.6.1
- nixos-unstable-small 40.6.1

pkgs.xorg.xf86videoopenchrome

None

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000

pkgs.python312Packages.pychromecast

None

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.python312Packages.undetected-chromedriver

None

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@teutat3s teutat3s <teutates@mailbox.org>
@yayayayaka Yaya <github@uwu.is>
@TomaSajt TomaSajt
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@iedame Rafael Ieda <git@ieda.me>
@mdaniels5757 Michael Daniels <nix@mdaniels.me>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Permalink CVE-2026-31863

3.6 LOW

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): High (H)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): Low (L)
Availability (A): None (N)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): Low (L)
Modified Availability (MA): None (N)

created 3 months, 1 week ago Activity log

Created suggestion 3 months, 1 week ago

Improper Restriction of Excessive Authentication Attempts in github.com/anyproto/anytype-heart

Anytype Heart is the middleware library for Anytype. The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. This vulnerability is fixed in anytype-heart 0.48.4, anytype-cli 0.1.11, and Anytype Desktop 0.54.5.

References

https://github.com/anyproto/anytype-heart/security/advisories/GHSA-vv3h-7qwr-722v x_refsource_CONFIRM

Affected products

anytype-ts

==< 0.54.5

anytype-cli

==< 0.1.11

anytype-heart

==< 0.48.4

Matching in nixpkgs

pkgs.anytype-heart

Shared library for Anytype clients

nixos-unstable 0.48.1
- nixpkgs-unstable 0.48.1
- nixos-unstable-small 0.48.4

Package maintainers

@autrimpo Michal Koutenský <michal@koutensky.net>
@kira-bruneau Kira Bruneau <kira.bruneau@pm.me>
@adda0 David Chocholatý <chocholaty.david@protonmail.com>

Permalink CVE-2026-3936

created 3 months, 1 week ago Activity log

Created suggestion 3 months, 1 week ago

Use after free in WebView in Google Chrome on Android …

Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

References

Affected products

Chrome

<146.0.7680.71

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 146.0.7680.71

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 145.0.7632.159

pkgs.xf86videoopenchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24

pkgs.electron-chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.4
- nixpkgs-unstable 38.8.4
- nixos-unstable-small 38.8.4

pkgs.xf86-video-openchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.curl-impersonate-chrome

None

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 146.0.7680.71

pkgs.electron-chromedriver_33

None

pkgs.electron-chromedriver_34

None

pkgs.electron-chromedriver_35

None

pkgs.electron-chromedriver_36

None

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.3
- nixpkgs-unstable 37.10.3
- nixos-unstable-small 37.10.3

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.4
- nixpkgs-unstable 38.8.4
- nixos-unstable-small 38.8.4

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.7.0
- nixpkgs-unstable 39.7.0
- nixos-unstable-small 39.7.0

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable 40.6.1
- nixpkgs-unstable 40.6.1
- nixos-unstable-small 40.6.1

pkgs.xorg.xf86videoopenchrome

None

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000

pkgs.python312Packages.pychromecast

None

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.python312Packages.undetected-chromedriver

None

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@teutat3s teutat3s <teutates@mailbox.org>
@yayayayaka Yaya <github@uwu.is>
@TomaSajt TomaSajt
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@iedame Rafael Ieda <git@ieda.me>
@mdaniels5757 Michael Daniels <nix@mdaniels.me>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Permalink CVE-2026-3924

created 3 months, 1 week ago Activity log

Created suggestion 3 months, 1 week ago

use after free in WindowDialog in Google Chrome prior to …

use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

References

Affected products

Chrome

<146.0.7680.71

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 146.0.7680.71

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 145.0.7632.159

pkgs.xf86videoopenchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24

pkgs.electron-chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.4
- nixpkgs-unstable 38.8.4
- nixos-unstable-small 38.8.4

pkgs.xf86-video-openchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.curl-impersonate-chrome

None

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 145.0.7632.159
- nixpkgs-unstable 145.0.7632.159
- nixos-unstable-small 146.0.7680.71

pkgs.electron-chromedriver_33

None

pkgs.electron-chromedriver_34

None

pkgs.electron-chromedriver_35

None

pkgs.electron-chromedriver_36

None

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.3
- nixpkgs-unstable 37.10.3
- nixos-unstable-small 37.10.3

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.4
- nixpkgs-unstable 38.8.4
- nixos-unstable-small 38.8.4

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.7.0
- nixpkgs-unstable 39.7.0
- nixos-unstable-small 39.7.0

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable 40.6.1
- nixpkgs-unstable 40.6.1
- nixos-unstable-small 40.6.1

pkgs.xorg.xf86videoopenchrome

None

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000

pkgs.python312Packages.pychromecast

None

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.python312Packages.undetected-chromedriver

None

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@teutat3s teutat3s <teutates@mailbox.org>
@yayayayaka Yaya <github@uwu.is>
@TomaSajt TomaSajt
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@iedame Rafael Ieda <git@ieda.me>
@mdaniels5757 Michael Daniels <nix@mdaniels.me>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Permalink CVE-2026-3942

created 3 months, 1 week ago Activity log

Created suggestion 3 months, 1 week ago

Incorrect security UI in PictureInPicture in Google Chrome prior to …

Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)