Nixpkgs security tracker
Untriaged
Permalink
CVE-2026-28047
8.1 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
Activity log
- Created suggestion
WordPress Victo theme <= 1.4.16 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magentech Victo victo allows PHP Local File Inclusion.This issue affects Victo: from n/a through <= 1.4.16.
References
Affected products
victo
- =<<= 1.4.16
Matching in nixpkgs
pkgs.vlagent
User friendly log database from VictoriaMetrics
pkgs.vmagent
fast, cost-effective and scalable time series database, long-term remote storage for Prometheus
pkgs.victor-mono
Free programming font with cursive italics and ligatures
pkgs.victorialogs
User friendly log database from VictoriaMetrics
pkgs.victoriatraces
Fast open-source observability solution for distributed traces
pkgs.victoriametrics
fast, cost-effective and scalable time series database, long-term remote storage for Prometheus
pkgs.nerd-fonts.victor-mono
Nerd Fonts: Clean, crisp and narrow, with a large x-height and clear punctuation
-
nixos-unstable 3.4.0+1.5.6
- nixpkgs-unstable 3.4.0+1.5.6
- nixos-unstable-small 3.4.0+1.5.6
-
nixos-25.11 3.4.0+1.5.6
- nixos-25.11-small 3.4.0+1.5.6
- nixpkgs-25.11-darwin 3.4.0+1.5.6
pkgs.grafanaPlugins.victoriametrics-logs-datasource
Grafana datasource for VictoriaLogs
Package maintainers
-
@rc-zb Xiao Haifan <rc-zb@outlook.com>
-
@doronbehar Doron Behar <me@doronbehar.com>
-
@jpotier Martin Potier <jpo.contributes.to.nixos@marvid.fr>
-
@leona-ya Leona Maroni <nix@leona.is>
-
@yorickvP Yorick van Pelt <yorickvanpelt@gmail.com>
-
@Shawn8901 Shawn8901 <shawn8901@googlemail.com>
-
@ivan Ivan Kozik <ivan@ludios.org>
-
@ryan4yin Ryan Yin <xiaoyin_c@qq.com>
-
@wlcx Sam Willcocks <sam@wlcx.cc>
-
@nycodeghg Marie Ramlow <tabmeier12+nix@gmail.com>
-
@Ma27 Maximilian Bosch <maximilian@mbosch.me>
-
@cmacrae Calum MacRae <hi@cmacr.ae>