Nixpkgs security tracker

Untriaged

Permalink CVE-2026-30976

8.6 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): NONE
Availability impact (A): NONE

created 3 weeks, 3 days ago

Sonarr Path Traversal vulnerability

Sonarr is a PVR for Usenet and BitTorrent users. In versions on the 4.x branch prior to 4.0.17.2950, an unauthenticated remote attacker can potentially read any file readable by the Sonarr process. These include application configuration files (containing API keys and database credentials), Windows system files, and any user-accessible files on the same drive This issue only impacts Windows systems; macOS and Linux are unaffected. Files returned from the API were not limited to the directory on disk they were intended to be served from. This problem has been patched in 4.0.17.2950 in the nightly/develop branch or 4.0.17.2952 for stable/main releases. It's possible to work around the issue by only hosting Sonarr on a secure internal network and accessing it via VPN, Tailscale or similar solution outside that network.

References

https://github.com/Sonarr/Sonarr/security/advisories/GHSA-h393-v5hm-6h8f x_refsource_CONFIRM
https://github.com/Sonarr/Sonarr/releases/tag/v4.0.17.2950 x_refsource_MISC
https://github.com/Sonarr/Sonarr/releases/tag/v4.0.17.2952 x_refsource_MISC

Affected products

Sonarr

==>= 4.0, < 4.0.17.2950

Matching in nixpkgs

pkgs.sonarr

Smart PVR for newsgroup and bittorrent users

nixos-unstable 4.0.16.2944
- nixpkgs-unstable 4.0.16.2944
- nixos-unstable-small 4.0.16.2944
nixos-25.11 4.0.16.2944
- nixos-25.11-small 4.0.16.2944
- nixpkgs-25.11-darwin 4.0.16.2944

pkgs.home-assistant-component-tests.sonarr

Open source home automation that puts local control and privacy first

nixos-25.11 2025.11.3
- nixos-25.11-small 2025.11.3
- nixpkgs-25.11-darwin 2025.11.3

pkgs.tests.home-assistant-component-tests.sonarr