Nixpkgs security tracker

Untriaged

Permalink CVE-2026-22476

created 1 month, 2 weeks ago Activity log

Created suggestion 1 month, 2 weeks ago

WordPress Etchy theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Etchy etchy allows PHP Local File Inclusion.This issue affects Etchy: from n/a through <= 1.0.

References

https://patchstack.com/database/Wordpress/Theme/etchy/vulnerability/wordpress-e… vdb-entry

Affected products

etchy

=<<= 1.0

Matching in nixpkgs

pkgs.sketchybar

Highly customizable macOS status bar replacement

nixos-unstable 2.23.0
- nixpkgs-unstable 2.23.0
- nixos-unstable-small 2.23.0
nixos-25.11 2.23.0
- nixos-25.11-small 2.23.0
- nixpkgs-25.11-darwin 2.23.0

pkgs.sketchybar-app-font

Ligature-based symbol font and a mapping function for sketchybar

nixos-unstable 2.0.53
- nixpkgs-unstable 2.0.53
- nixos-unstable-small 2.0.53
nixos-25.11 2.0.47
- nixos-25.11-small 2.0.47
- nixpkgs-25.11-darwin 2.0.47

Package maintainers

@khaneliman Austin Horstman <khaneliman12@gmail.com>
@azuwis Zhong Jianxin <azuwis@gmail.com>