Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses
Filter by:
With package: roam-research

Found 1 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2026-22407
5.4 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
updated 2 months, 3 weeks ago by @fricklerhandwerk Activity log
  • Created automatic suggestion 2 months, 3 weeks ago
  • @fricklerhandwerk added maintainer @fricklerhandwerk 2 months, 3 weeks ago maintainer.add
WordPress Roam theme <= 2.1.1 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Roam roam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Roam: from n/a through <= 2.1.1.

Affected products

roam
  • =<<= 2.1.1

Matching in nixpkgs

pkgs.geteduroam

GUI client to configure eduroam

  • nixos-unstable 0.12
    • nixpkgs-unstable 0.12
    • nixos-unstable-small 0.12
  • nixos-25.11 0.12
    • nixpkgs-25.11-darwin 0.12

Package maintainers

Additional maintainers