Nixpkgs Security Tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Automatically generated suggestions

to queue a suggestion for refinement.

to remove a suggestion from the queue.

CVE-2025-26596
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 9 months, 3 weeks ago
Xorg: xwayland: heap overflow in xkbwritekeysyms()

A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow.

Affected products

xserver
  • <24.1.6
  • <21.1.16
tigervnc
  • *
xorg-x11-server
  • *
xorg-x11-server-Xwayland
  • *

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

CVE-2025-26915
8.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 9 months, 3 weeks ago
WordPress Wishlist Plugin <= 1.0.41 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PickPlugins Wishlist allows SQL Injection. This issue affects Wishlist: from n/a through 1.0.41.

Affected products

wishlist
  • =<1.0.41

Matching in nixpkgs

pkgs.wishlist

Single entrypoint for multiple SSH endpoints

Package maintainers: 2

CVE-2025-26600
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 9 months, 3 weeks ago
Xorg: xwayland: use-after-free in playreleasedevents()

A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free.

Affected products

xserver
  • <24.1.6
  • <21.1.16
tigervnc
  • *
xorg-x11-server
  • *
xorg-x11-server-Xwayland
  • *

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

CVE-2025-26601
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 9 months, 3 weeks ago
Xorg: xwayland: use-after-free in syncinittrigger()

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the new sync object, possibly causing a use-after-free when the alarm eventually triggers.

Affected products

xserver
  • <24.1.6
  • <21.1.16
tigervnc
  • *
xorg-x11-server
  • *
xorg-x11-server-Xwayland
  • *

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

CVE-2023-28331
6.1 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 9 months, 3 weeks ago
Moodle: xss risk when outputting database activity filter data

Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk.

Affected products

moodle
  • <3.11.13
  • <4.1.2
  • <3.9.20
  • <4.0.7

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

Package maintainers: 2

CVE-2025-26598
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 9 months, 3 weeks ago
Xorg: xwayland: out-of-bounds write in createpointerbarrierclient()

An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching device ID is found, which can lead to out-of-bounds memory access.

Affected products

xserver
  • <24.1.6
  • <21.1.16
tigervnc
  • *
xorg-x11-server
  • *
xorg-x11-server-Xwayland
  • *

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

CVE-2025-0838
created 9 months, 3 weeks ago
Heap Buffer overflow in Abseil

There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer overflow when computing the size of the container's backing store, and a subsequent out-of-bounds memory write. Subsequent accesses to the container might also access out-of-bounds memory. We recommend upgrading past commit 5a0e2cb5e3958dd90bb8569a2766622cb74d90c1

Affected products

abseil-cpp
  • <5a0e2cb5e3958dd90bb8569a2766622cb74d90c1

Matching in nixpkgs

pkgs.abseil-cpp_202103

Open-source collection of C++ code designed to augment the C++ standard library

pkgs.abseil-cpp_202301

Open-source collection of C++ code designed to augment the C++ standard library

pkgs.abseil-cpp_202401

Open-source collection of C++ code designed to augment the C++ standard library

pkgs.abseil-cpp_202407

Open-source collection of C++ code designed to augment the C++ standard library

Package maintainers: 2

CVE-2022-46848
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 9 months, 4 weeks ago
WordPress Visualizer Plugin <= 3.9.1 is vulnerable to Cross Site Scripting (XSS)

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin <= 3.9.1 versions.

Affected products

visualizer
  • =<3.9.1

Matching in nixpkgs

pkgs.cli-visualizer

CLI based audio visualizer

pkgs.midivisualizer

Small MIDI visualizer tool, using OpenGL

pkgs.massif-visualizer

Tool that visualizes massif data generated by valgrind

pkgs.precice-config-visualizer

Small python tool for visualizing the preCICE xml configuration

pkgs.kdePackages.massif-visualizer

Visualizer for Valgrind Massif data files

pkgs.gnomeExtensions.sound-visualizer

A Real Time Sound Visualizer Based On Gstreamer

  • nixos-unstable 8
    • nixos-unstable-small 8
    • nixpkgs-unstable 8

Package maintainers: 13

CVE-2023-23708
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 9 months, 4 weeks ago
WordPress Visualizer Plugin <= 3.9.4 is vulnerable to Cross Site Scripting (XSS)

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Themeisle Visualizer: Tables and Charts Manager for WordPress plugin <= 3.9.4 versions.

Affected products

visualizer
  • =<3.9.4

Matching in nixpkgs

pkgs.cli-visualizer

CLI based audio visualizer

pkgs.midivisualizer

Small MIDI visualizer tool, using OpenGL

pkgs.massif-visualizer

Tool that visualizes massif data generated by valgrind

pkgs.precice-config-visualizer

Small python tool for visualizing the preCICE xml configuration

pkgs.kdePackages.massif-visualizer

Visualizer for Valgrind Massif data files

pkgs.gnomeExtensions.sound-visualizer

A Real Time Sound Visualizer Based On Gstreamer

  • nixos-unstable 8
    • nixos-unstable-small 8
    • nixpkgs-unstable 8

Package maintainers: 13

CVE-2023-47238
8.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 9 months, 4 weeks ago
WordPress Top 10 Plugin <= 3.3.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in WebberZone Top 10 – WordPress Popular posts by WebberZone plugin <= 3.3.2 versions.

Affected products

top-10
  • =<3.3.2

Matching in nixpkgs

pkgs.budgie-desktop

Feature-rich, modern desktop designed to keep out the way of the user

pkgs.gnomeExtensions.pip-on-top

Makes "Picture-in-Picture" windows stay on top (even on Wayland session). Compatible with Firefox, but may work with few other browsers too.

  • nixos-unstable 10
    • nixos-unstable-small 10
    • nixpkgs-unstable 10

pkgs.gnomeExtensions.show-apps-at-top

Put show apps icon at top in Gnome default dash

Package maintainers: 3