Nixpkgs security tracker

Untriaged

Permalink CVE-2026-5567

8.8 HIGH

CVSS version: 3.1
Attack vector (AV):
Attack complexity (AC):
Privileges required (PR):
User interaction (UI):
Scope (S):
Confidentiality impact (C):
Integrity impact (I):
Availability impact (A):

created 1 week, 1 day ago

Tenda M3 Destination setAdvPolicyData buffer overflow

A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData of the file /goform/setAdvPolicyData of the component Destination Handler. Executing a manipulation of the argument policyType can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be used.

References

VDB-355337 | Tenda M3 Destination setAdvPolicyData buffer overflow vdb-entrytechnical-description
VDB-355337 | CTI Indicators (IOB, IOC, IOA) signaturepermissions-required
Submit #782999 | Tenda Tenda M3 Access Controller(M3) V1.0.0.10 Buffer Overflow third-party-advisory
https://github.com/Moxxkidd/CVE/issues/2 exploitissue-tracking
https://www.tenda.com.cn/ product

Affected products

M3

==1.0.0.10

Matching in nixpkgs

pkgs.flam3

Cosmic recursive fractal flames

nixos-unstable 3.1.1+date=2018-04-12
- nixpkgs-unstable 3.1.1+date=2018-04-12
- nixos-unstable-small 3.1.1+date=2018-04-12
nixos-25.11 3.1.1+date=2018-04-12
- nixos-25.11-small 3.1.1+date=2018-04-12
- nixpkgs-25.11-darwin 3.1.1+date=2018-04-12

pkgs.fvwm3

Multiple large virtual desktop window manager - Version 3

nixos-unstable 1.1.0
- nixpkgs-unstable 1.1.0
- nixos-unstable-small 1.1.0
nixos-25.11 1.1.0
- nixos-25.11-small 1.1.0
- nixpkgs-25.11-darwin 1.1.0

pkgs.wasm3

Fastest WebAssembly interpreter, and the most universal runtime

nixos-unstable 0.5.0
- nixpkgs-unstable 0.5.0
- nixos-unstable-small 0.5.0
nixos-25.11 0.5.0
- nixos-25.11-small 0.5.0
- nixpkgs-25.11-darwin 0.5.0

pkgs.dhewm3

Doom 3 port to SDL

nixos-unstable 1.5.4
- nixpkgs-unstable 1.5.4
- nixos-unstable-small 1.5.4
nixos-25.11 1.5.4
- nixos-25.11-small 1.5.4
- nixpkgs-25.11-darwin 1.5.4

pkgs.grails

Full stack, web application framework for the JVM

nixos-unstable 7.0.0-M3
- nixpkgs-unstable 7.0.0-M3
- nixos-unstable-small 7.0.0-M3
nixos-25.11 7.0.0-M3
- nixos-25.11-small 7.0.0-M3
- nixpkgs-25.11-darwin 7.0.0-M3

pkgs.icbm3d

3D vector-based clone of the atari game Missile Command

nixos-unstable 0.4
- nixpkgs-unstable 0.4
- nixos-unstable-small 0.4
nixos-25.11 0.4
- nixos-25.11-small 0.4
- nixpkgs-25.11-darwin 0.4

pkgs.m32edit

Editor for the Midas M32 digital mixer

nixos-unstable 4.4.1
- nixpkgs-unstable 4.4.1
- nixos-unstable-small 4.4.1
nixos-25.11 4.4
- nixos-25.11-small 4.4
- nixpkgs-25.11-darwin 4.4

pkgs.m33-linux

Linux program that can communicate with the Micro 3D printer

nixos-unstable 0-unstable-2016-06-23
- nixpkgs-unstable 0-unstable-2016-06-23
- nixos-unstable-small 0-unstable-2016-06-23
nixos-25.11 0-unstable-2016-06-23
- nixos-25.11-small 0-unstable-2016-06-23
- nixpkgs-25.11-darwin 0-unstable-2016-06-23

pkgs.stm32flash

Open source flash program for the STM32 ARM processors using the ST bootloader

nixos-unstable 0.7
- nixpkgs-unstable 0.7
- nixos-unstable-small 0.7
nixos-25.11 0.7
- nixos-25.11-small 0.7
- nixpkgs-25.11-darwin 0.7

pkgs.n-m3u8dl-re

Cross-Platform, modern and powerful stream downloader for MPD/M3U8/ISM

nixos-unstable m3u8dl-re-0.5.1-beta
- nixpkgs-unstable m3u8dl-re-0.5.1-beta
- nixos-unstable-small m3u8dl-re-0.5.1-beta
nixos-25.11 m3u8dl-re-0.5.1-beta
- nixos-25.11-small m3u8dl-re-0.5.1-beta
- nixpkgs-25.11-darwin m3u8dl-re-0.5.1-beta

pkgs.stm32cubemx

A graphical tool for configuring STM32 microcontrollers and microprocessors

nixos-unstable 6.17.0
- nixpkgs-unstable 6.17.0
- nixos-unstable-small 6.17.0
nixos-25.11 6.15.0
- nixos-25.11-small 6.15.0
- nixpkgs-25.11-darwin 6.15.0

pkgs.stm32loader

Flash firmware to STM32 microcontrollers in Python

nixos-unstable 0.7.1
- nixpkgs-unstable 0.7.1
- nixos-unstable-small 0.7.1
nixos-25.11 0.7.1
- nixos-25.11-small 0.7.1
- nixpkgs-25.11-darwin 0.7.1

pkgs.ubootCM3588NAS

Boot loader for embedded systems

nixos-unstable cm3588-nas-rk3588_defconfig-2025.10
- nixpkgs-unstable cm3588-nas-rk3588_defconfig-2025.10
- nixos-unstable-small cm3588-nas-rk3588_defconfig-2025.10
nixos-25.11 cm3588-nas-rk3588_defconfig-2025.10
- nixos-25.11-small cm3588-nas-rk3588_defconfig-2025.10
- nixpkgs-25.11-darwin cm3588-nas-rk3588_defconfig-2025.10

pkgs.python312Packages.m3u8

Python m3u8 parser

nixos-25.11 m3u8-6.0.0
- nixos-25.11-small m3u8-6.0.0
- nixpkgs-25.11-darwin m3u8-6.0.0

pkgs.python313Packages.m3u8

Python m3u8 parser

nixos-unstable m3u8-6.0.0
- nixpkgs-unstable m3u8-6.0.0
- nixos-unstable-small m3u8-6.0.0
nixos-25.11 m3u8-6.0.0
- nixos-25.11-small m3u8-6.0.0
- nixpkgs-25.11-darwin m3u8-6.0.0

pkgs.python314Packages.m3u8

Python m3u8 parser

nixos-unstable m3u8-6.0.0
- nixpkgs-unstable m3u8-6.0.0
- nixos-unstable-small m3u8-6.0.0

pkgs.tests.fetchpatch.simple

None

nixos-25.11 nvqqhkpm3h9z
- nixpkgs-25.11-darwin nvqqhkpm3h9z

pkgs.tests.fetchpatch2.simple

None

nixos-25.11 -
- nixos-25.11-small qc98km3m7h11

pkgs.python312Packages.pycomm3

Python Ethernet/IP library for communicating with Allen-Bradley PLCs

nixos-25.11 pycomm3-1.2.14
- nixos-25.11-small pycomm3-1.2.14
- nixpkgs-25.11-darwin pycomm3-1.2.14

pkgs.python313Packages.pycomm3

Python Ethernet/IP library for communicating with Allen-Bradley PLCs

nixos-unstable pycomm3-1.2.16
- nixpkgs-unstable pycomm3-1.2.16
- nixos-unstable-small pycomm3-1.2.16
nixos-25.11 pycomm3-1.2.14
- nixos-25.11-small pycomm3-1.2.14
- nixpkgs-25.11-darwin pycomm3-1.2.14

pkgs.python314Packages.pycomm3

Python Ethernet/IP library for communicating with Allen-Bradley PLCs

nixos-unstable pycomm3-1.2.16
- nixpkgs-unstable pycomm3-1.2.16
- nixos-unstable-small pycomm3-1.2.16

pkgs.haskellPackages.data-stm32

ARM SVD and CubeMX XML parser and pretty printer for STM32 family

nixos-unstable stm32-0.1.0.0
- nixpkgs-unstable stm32-0.1.0.0
- nixos-unstable-small stm32-0.1.0.0
nixos-25.11 stm32-0.1.0.0
- nixos-25.11-small stm32-0.1.0.0
- nixpkgs-25.11-darwin stm32-0.1.0.0

pkgs.python312Packages.distorm3

Disassembler library for x86/AMD64

nixos-25.11 distorm3-3.5.2b
- nixos-25.11-small distorm3-3.5.2b
- nixpkgs-25.11-darwin distorm3-3.5.2b

pkgs.python313Packages.distorm3

Disassembler library for x86/AMD64

nixos-unstable distorm3-3.5.2
- nixpkgs-unstable distorm3-3.5.2
- nixos-unstable-small distorm3-3.5.2
nixos-25.11 distorm3-3.5.2b
- nixos-25.11-small distorm3-3.5.2b
- nixpkgs-25.11-darwin distorm3-3.5.2b

pkgs.python314Packages.distorm3

Disassembler library for x86/AMD64

nixos-unstable distorm3-3.5.2
- nixpkgs-unstable distorm3-3.5.2
- nixos-unstable-small distorm3-3.5.2

pkgs.python312Packages.pymystem3

Python wrapper for the Yandex MyStem 3.1 morpholocial analyzer of the Russian language

nixos-25.11 pymystem3-0.2.0
- nixos-25.11-small pymystem3-0.2.0
- nixpkgs-25.11-darwin pymystem3-0.2.0

pkgs.python313Packages.pymystem3

Python wrapper for the Yandex MyStem 3.1 morpholocial analyzer of the Russian language

nixos-unstable pymystem3-0.2.0
- nixpkgs-unstable pymystem3-0.2.0
- nixos-unstable-small pymystem3-0.2.0
nixos-25.11 pymystem3-0.2.0
- nixos-25.11-small pymystem3-0.2.0
- nixpkgs-25.11-darwin pymystem3-0.2.0

pkgs.python314Packages.pymystem3

Python wrapper for the Yandex MyStem 3.1 morpholocial analyzer of the Russian language

nixos-unstable pymystem3-0.2.0
- nixpkgs-unstable pymystem3-0.2.0
- nixos-unstable-small pymystem3-0.2.0

pkgs.python312Packages.quantulum3

Library for unit extraction - fork of quantulum for python3

nixos-25.11 quantulum3-0.9.2
- nixos-25.11-small quantulum3-0.9.2
- nixpkgs-25.11-darwin quantulum3-0.9.2

pkgs.python313Packages.quantulum3

Library for unit extraction - fork of quantulum for python3

nixos-unstable quantulum3-0.10.0
- nixpkgs-unstable quantulum3-0.10.0
- nixos-unstable-small quantulum3-0.10.0
nixos-25.11 quantulum3-0.9.2
- nixos-25.11-small quantulum3-0.9.2
- nixpkgs-25.11-darwin quantulum3-0.9.2

pkgs.python314Packages.quantulum3

Library for unit extraction - fork of quantulum for python3

nixos-unstable quantulum3-0.10.0
- nixpkgs-unstable quantulum3-0.10.0
- nixos-unstable-small quantulum3-0.10.0

pkgs.python312Packages.stm32loader

Flash firmware to STM32 microcontrollers in Python

nixos-25.11 stm32loader-0.7.1
- nixos-25.11-small stm32loader-0.7.1
- nixpkgs-25.11-darwin stm32loader-0.7.1

pkgs.python313Packages.stm32loader

Flash firmware to STM32 microcontrollers in Python

nixos-unstable stm32loader-0.7.1
- nixpkgs-unstable stm32loader-0.7.1
- nixos-unstable-small stm32loader-0.7.1
nixos-25.11 stm32loader-0.7.1
- nixos-25.11-small stm32loader-0.7.1
- nixpkgs-25.11-darwin stm32loader-0.7.1

pkgs.python314Packages.stm32loader

Flash firmware to STM32 microcontrollers in Python

nixos-unstable stm32loader-0.7.1
- nixpkgs-unstable stm32loader-0.7.1
- nixos-unstable-small stm32loader-0.7.1

pkgs.haskellPackages.STM32F103xx-SVD

Definition for Peripherals,Registers and Fields from STM32F103xx.svd

nixos-unstable 0.1
- nixpkgs-unstable 0.1
- nixos-unstable-small 0.1
nixos-25.11 0.1
- nixos-25.11-small 0.1
- nixpkgs-25.11-darwin 0.1

pkgs.python312Packages.pym3u8downloader

Python class to download and concatenate video files from M3U8 playlists

nixos-25.11 pym3u8downloader-0.1.8
- nixos-25.11-small pym3u8downloader-0.1.8
- nixpkgs-25.11-darwin pym3u8downloader-0.1.8

pkgs.python313Packages.pym3u8downloader

Python class to download and concatenate video files from M3U8 playlists

nixos-unstable pym3u8downloader-0.1.8
- nixpkgs-unstable pym3u8downloader-0.1.8
- nixos-unstable-small pym3u8downloader-0.1.8
nixos-25.11 pym3u8downloader-0.1.8
- nixos-25.11-small pym3u8downloader-0.1.8
- nixpkgs-25.11-darwin pym3u8downloader-0.1.8

pkgs.python314Packages.pym3u8downloader

Python class to download and concatenate video files from M3U8 playlists

nixos-unstable pym3u8downloader-0.1.8
- nixpkgs-unstable pym3u8downloader-0.1.8
- nixos-unstable-small pym3u8downloader-0.1.8

pkgs.tests.prefer-remote-fetch.fetchgit

None

nixos-unstable 4sp62sm354z1
- nixpkgs-unstable 4sp62sm354z1
- nixos-unstable-small 4sp62sm354z1
nixos-25.11 xxkfs2vgfm3i
- nixpkgs-25.11-darwin xxkfs2vgfm3i

pkgs.tests.fetchpatch.fileWithApostrophe

None

nixos-25.11 2264wm34fg71
- nixpkgs-25.11-darwin 2264wm34fg71

pkgs.tests.fetchFromGitHub.submodule-deep

None

nixos-25.11 vpnm3z7x4h1f
- nixpkgs-25.11-darwin vpnm3z7x4h1f

pkgs.tests.fetchpatch2.fileWithApostrophe

None

nixos-25.11 4qvdcaczwm3v
- nixpkgs-25.11-darwin 4qvdcaczwm3v

pkgs.tests.fetchNextcloudApp.simple-sha512

None

nixos-25.11 jgp5mm3l1agh
- nixpkgs-25.11-darwin jgp5mm3l1agh

pkgs.tests.fetchurl.flag-appending-curlOpts

None

nixos-unstable qy4m3fmq9693
- nixpkgs-unstable qy4m3fmq9693
- nixos-unstable-small qy4m3fmq9693

pkgs.tests.buildRustCrate.tests.crateLibOutputsWasm32

None

nixos-unstable wasm32-crate-lib
- nixpkgs-unstable wasm32-crate-lib
- nixos-unstable-small wasm32-crate-lib
nixos-25.11 wasm32-crate-lib
- nixos-25.11-small wasm32-crate-lib
- nixpkgs-25.11-darwin wasm32-crate-lib

pkgs.tests.buildRustCrate.tests.crateWasm32BinHyphens

None

nixos-unstable wasm32-crate-bin-hyphens
- nixpkgs-unstable wasm32-crate-bin-hyphens
- nixos-unstable-small wasm32-crate-bin-hyphens
nixos-25.11 wasm32-crate-bin-hyphens
- nixos-25.11-small wasm32-crate-bin-hyphens
- nixpkgs-25.11-darwin wasm32-crate-bin-hyphens

Package maintainers

@bjornfor Bjørn Forsman <bjorn.forsman@gmail.com>
@sorki Richard Marko <srk@48.io>
@magnetophon Bart Brouns <bart@magnetophon.nl>
@abbradar Nikolay Amiantov <ab@fmap.me>
@phanirithvij Phani Rithvij <phanirithvij2000@gmail.com>
@fabaff Fabian Affolter <mail@fabian-affolter.ch>
@Scriptkiddi Fritz Otlinghaus <nixos@scriptkiddi.de>
@ShamrockLee Yueh-Shun Li <shamrocklee@posteo.net>
@happysalada Raphael Megzari <raphael@megzari.com>
@angaz Angus Dippenaar
@wucke13 Wucke <wucke13@gmail.com>
@elitak Eric Litak <elitak@gmail.com>
@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>
@dezgeg Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>
@bartsch Daniel Martin <consume.noise@gmail.com>
@malbarbo Marco A L Barbosa <malbarbo@gmail.com>

Untriaged

Permalink CVE-2026-25957

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 2 months ago

Cube Denial of Service (DoS) - An authenticated attacker can crash the server by sending a specially crafted request

Cube is a semantic layer for building data applications. From 1.1.17 to before 1.5.13 and 1.4.2, it is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoint. This vulnerability is fixed in 1.5.13 and 1.4.2.

References

https://github.com/cube-js/cube/security/advisories/GHSA-9vph-2hvm-x66g x_refsource_CONFIRM
https://github.com/cube-js/cube/security/advisories/GHSA-9vph-2hvm-x66g x_refsource_CONFIRM

Affected products

cube

==>= 1.5.0, < 1.5.13
==>= 1.1.17, < 1.4.2

Matching in nixpkgs

pkgs.cubeb

Cross platform audio library

nixos-unstable 0-unstable-2025-07-10
- nixpkgs-unstable 0-unstable-2026-01-23
- nixos-unstable-small 0-unstable-2026-01-23
nixos-25.11 0-unstable-2025-09-17
- nixpkgs-25.11-darwin 0-unstable-2025-09-17

pkgs.kmscube

Example OpenGL app using KMS/GBM

nixos-unstable 2023-09-25
- nixpkgs-unstable 2023-09-25
- nixos-unstable-small 2023-09-25
nixos-25.11 2023-09-25
- nixpkgs-25.11-darwin 2023-09-25

pkgs.pascube

Simple OpenGL spinning cube written in Pascal

nixos-unstable -
- nixpkgs-unstable 1.5.1
- nixos-unstable-small 1.5.1
nixos-25.11 1.5.1
- nixpkgs-25.11-darwin 1.5.1

pkgs.musikcube

Terminal-based music player, library, and streaming audio server

nixos-unstable 3.0.4
- nixpkgs-unstable 3.0.5
- nixos-unstable-small 3.0.5
nixos-25.11 3.0.5
- nixpkgs-25.11-darwin 3.0.5

pkgs.roundcube

Open Source Webmail Software

nixos-unstable 1.6.11
- nixpkgs-unstable 1.6.12
- nixos-unstable-small 1.6.12
nixos-25.11 1.6.12
- nixpkgs-25.11-darwin 1.6.12

pkgs.classicube

Lightweight, custom Minecraft Classic/ClassiCube client with optional additions written from scratch in C

nixos-unstable 1.3.7
- nixpkgs-unstable 1.3.7
- nixos-unstable-small 1.3.7
nixos-25.11 1.3.7
- nixpkgs-25.11-darwin 1.3.7

pkgs.metacubexd

Clash.Meta Dashboard, The Official One, XD

nixos-unstable 1.188.1
- nixpkgs-unstable 1.192.0
- nixos-unstable-small 1.192.0
nixos-25.11 1.192.0
- nixpkgs-25.11-darwin 1.192.0

pkgs.assaultcube

Fast and fun first-person-shooter based on the Cube fps

nixos-unstable 1.3.0.2
- nixpkgs-unstable 1.3.0.2
- nixos-unstable-small 1.3.0.2
nixos-25.11 1.3.0.2
- nixpkgs-25.11-darwin 1.3.0.2

pkgs.stm32cubemx

Graphical tool for configuring STM32 microcontrollers and microprocessors

nixos-unstable 6.14.0
- nixpkgs-unstable 6.15.0
- nixos-unstable-small 6.15.0
nixos-25.11 6.15.0
- nixpkgs-25.11-darwin 6.15.0

pkgs.gamecube-tools

Tools for gamecube/wii projects

pkgs.hyperspeedcube

Hyperspeedcube is a 3D and 4D Rubik's cube simulator

nixos-unstable 1.0.12
- nixpkgs-unstable 1.0.12
- nixos-unstable-small 1.0.12
nixos-25.11 1.0.12
- nixpkgs-25.11-darwin 1.0.12

pkgs.dockapps.wmcube

System monitor for Windowmaker

nixos-unstable -
- nixpkgs-unstable 2023-10-11
- nixos-unstable-small 2023-10-11
nixos-25.11 2023-10-11
- nixpkgs-25.11-darwin 2023-10-11

pkgs.idrisPackages.cube

Implementation of the Lambda Cube in Idris

nixos-unstable 2017-07-05
- nixpkgs-unstable 2017-07-05
- nixos-unstable-small 2017-07-05
nixos-25.11 2017-07-05
- nixpkgs-25.11-darwin 2017-07-05

pkgs.spacenav-cube-example

Example application to test the spacenavd driver

nixos-unstable 1.2
- nixpkgs-unstable 1.2
- nixos-unstable-small 1.2
nixos-25.11 1.2
- nixpkgs-25.11-darwin 1.2

pkgs.kdePackages.kjumpingcube

KJumpingCube is a simple tactical game

nixos-unstable 25.04.3
- nixpkgs-unstable 25.12.1
- nixos-unstable-small 25.12.1
nixos-25.11 25.08.3
- nixpkgs-25.11-darwin 25.08.3

pkgs.roundcubePlugins.carddav

None

nixos-unstable -
- nixpkgs-unstable 4.4.6
- nixos-unstable-small 4.4.6
nixos-25.11 4.4.6
- nixpkgs-25.11-darwin 4.4.6

pkgs.gnomeExtensions.desktop-cube

Indulge in nostalgia with useless 3D effects.

nixos-unstable 28
- nixpkgs-unstable 30
- nixos-unstable-small 30
nixos-25.11 30
- nixpkgs-25.11-darwin 30

pkgs.phpExtensions.ioncube-loader

Use ionCube-encoded files on a web server

nixos-unstable -
- nixpkgs-unstable 14.4.1
- nixos-unstable-small 14.4.1
nixos-25.11 14.4.1
- nixpkgs-25.11-darwin 14.4.1

pkgs.python312Packages.complycube

Official Python client for the ComplyCube API

nixos-unstable 1.1.6
nixos-25.11 1.1.6
- nixpkgs-25.11-darwin 1.1.6

pkgs.python313Packages.complycube

Official Python client for the ComplyCube API

nixos-unstable 1.1.6
- nixpkgs-unstable 1.1.6
- nixos-unstable-small 1.1.6
nixos-25.11 1.1.6
- nixpkgs-25.11-darwin 1.1.6

pkgs.python314Packages.complycube

Official Python client for the ComplyCube API

nixos-unstable -
- nixpkgs-unstable 1.1.6
- nixos-unstable-small 1.1.6

pkgs.roundcubePlugins.contextmenu

None

nixos-unstable -
- nixpkgs-unstable 3.3.1
- nixos-unstable-small 3.3.1
nixos-25.11 3.3.1
- nixpkgs-25.11-darwin 3.3.1

pkgs.roundcubePlugins.custom_from

None

nixos-unstable -
- nixpkgs-unstable 1.6.6
- nixos-unstable-small 1.6.6
nixos-25.11 1.6.6
- nixpkgs-25.11-darwin 1.6.6

pkgs.haskellPackages.resistor-cube

Compute total resistance of a cube of resistors

nixos-unstable 0.0.1.4
- nixpkgs-unstable 0.0.1.4
- nixos-unstable-small 0.0.1.4
nixos-25.11 0.0.1.4
- nixpkgs-25.11-darwin 0.0.1.4

pkgs.python312Packages.maxcube-api

eQ-3/ELV MAX! Cube Python API

nixos-unstable 0.4.3
nixos-25.11 0.4.3
- nixpkgs-25.11-darwin 0.4.3

pkgs.python313Packages.maxcube-api

eQ-3/ELV MAX! Cube Python API

nixos-unstable 0.4.3
- nixpkgs-unstable 0.4.3
- nixos-unstable-small 0.4.3
nixos-25.11 0.4.3
- nixpkgs-25.11-darwin 0.4.3

pkgs.python314Packages.maxcube-api

eQ-3/ELV MAX! Cube Python API

nixos-unstable -
- nixpkgs-unstable 0.4.3
- nixos-unstable-small 0.4.3

pkgs.haskellPackages.marching-cubes

Marching Cubes

nixos-unstable 0.1.0.0
- nixpkgs-unstable 0.1.0.0
- nixos-unstable-small 0.1.0.0
nixos-25.11 0.1.0.0
- nixpkgs-25.11-darwin 0.1.0.0

pkgs.php81Extensions.ioncube-loader

Use ionCube-encoded files on a web server

nixos-unstable 14.4.1

pkgs.php82Extensions.ioncube-loader

Use ionCube-encoded files on a web server

nixos-unstable 14.4.1
- nixpkgs-unstable 14.4.1
- nixos-unstable-small 14.4.1
nixos-25.11 14.4.1
- nixpkgs-25.11-darwin 14.4.1

pkgs.php83Extensions.ioncube-loader

Use ionCube-encoded files on a web server

nixos-unstable 14.4.1
- nixpkgs-unstable 14.4.1
- nixos-unstable-small 14.4.1
nixos-25.11 14.4.1
- nixpkgs-25.11-darwin 14.4.1

pkgs.php84Extensions.ioncube-loader

Use ionCube-encoded files on a web server

nixos-unstable 14.4.1

pkgs.haskellPackages.marching-cubes2

Marching Cubes

nixos-unstable cubes2-0.1.0.0
- nixpkgs-unstable cubes2-0.1.0.0
- nixos-unstable-small cubes2-0.1.0.0
nixos-25.11 cubes2-0.1.0.0
- nixpkgs-25.11-darwin cubes2-0.1.0.0

pkgs.python312Packages.spectral-cube

Library for reading and analyzing astrophysical spectral data cubes

nixos-unstable 0.6.6
nixos-25.11 0.6.7
- nixpkgs-25.11-darwin 0.6.7

pkgs.python313Packages.spectral-cube

Library for reading and analyzing astrophysical spectral data cubes

nixos-unstable 0.6.6
- nixpkgs-unstable 0.6.7
- nixos-unstable-small 0.6.7
nixos-25.11 0.6.7
- nixpkgs-25.11-darwin 0.6.7

pkgs.python314Packages.spectral-cube

Library for reading and analyzing astrophysical spectral data cubes

nixos-unstable -
- nixpkgs-unstable 0.6.7
- nixos-unstable-small 0.6.7

pkgs.roundcubePlugins.persistent_login

None

nixos-unstable -
- nixpkgs-unstable 5.3.0
- nixos-unstable-small 5.3.0
nixos-25.11 5.3.0
- nixpkgs-25.11-darwin 5.3.0

pkgs.roundcubePlugins.thunderbird_labels

None

nixos-unstable -
- nixpkgs-unstable 1.6.0
- nixos-unstable-small 1.6.0
nixos-25.11 1.6.0
- nixpkgs-25.11-darwin 1.6.0

pkgs.home-assistant-component-tests.maxcube

Open source home automation that puts local control and privacy first

nixos-unstable 2025.8.0
nixos-25.11 2025.11.3
- nixpkgs-25.11-darwin 2025.11.3

pkgs.tests.home-assistant-component-tests.maxcube

Open source home automation that puts local control and privacy first

nixos-unstable -
- nixpkgs-unstable 2026.1.3
- nixos-unstable-small 2026.1.3

Package maintainers

@DarkOnion0 Alexandre Peruggia <darkgenius1@protonmail.com>
@360ied Brian Zhu <therealbarryplayer@gmail.com>
@zhaofengli Zhaofeng Li <hello@zhaofeng.li>
@marcin-serwin Marcin Serwin <marcin@serwin.dev>
@honnip Jung seungwoo <me@honnip.page>
@thielema Henning Thielemann <nix@henning-thielemann.de>
@fabaff Fabian Affolter <mail@fabian-affolter.ch>
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
@dotlambda ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FAEFB6177B4672DEE07F9D3AFC62588CCD2631EDCF22E8CCC1FB35B501C9C86 <nix@dotlambda.de>
@OmnipotentEntity Michael Reilly <omnipotententity@gmail.com>
@brainrake Marton Boros <martonboros@gmail.com>
@K900 Ilya K. <me@0upti.me>
@mjm Matt Moriarity <matt@mattmoriarity.com>
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@NickCao Nick Cao <nickcao@nichi.co>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@dezgeg Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>
@Guanran928 Guanran Wang <guanran928@outlook.com>
@afh Alexis Hildebrandt <surryhill+nix@gmail.com>
@aanderse Aaron Andersen <aaron@fosslib.net>
@NeverBehave Xinhao Luo <i@never.pet>
@DerDennisOP Dennis <dennish@wuitz.de>
@smaret Sébastien Maret <sebastien.maret@icloud.com>
@globin Robin Gloster <mail@glob.in>
@Vskilet Victor SENE <victor@sene.ovh>
@Ma27 Maximilian Bosch <maximilian@mbosch.me>
@Sohalt sohalt <nixos@sohalt.net>
@wucke13 Wucke <wucke13@gmail.com>
@angaz Angus Dippenaar
@TomSmeets Tom Smeets <tom.tsmeets@gmail.com>
@RoGreat RoGreat <roguegreat@gmail.com>

Untriaged

Permalink CVE-2026-25958

7.7 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): NONE
Availability impact (A): NONE

created 2 months ago

Cube privilege escalation via a specially crafted request

Cube is a semantic layer for building data applications. From 0.27.19 to before 1.5.13, 1.4.2, and 1.0.14, it is possible to make a specially crafted request with a valid API token that leads to privilege escalation. This vulnerability is fixed in 1.5.13, 1.4.2, and 1.0.14.

References

https://github.com/cube-js/cube/security/advisories/GHSA-v226-32c7-x2v7 x_refsource_CONFIRM
https://github.com/cube-js/cube/security/advisories/GHSA-v226-32c7-x2v7 x_refsource_CONFIRM

Affected products

cube

==>= 0.27.19, < 1.0.14
==>= 1.1.0, < 1.4.2
==>= 1.5.0, < 1.5.13

Matching in nixpkgs

pkgs.cubeb

Cross platform audio library

nixos-unstable 0-unstable-2025-07-10
- nixpkgs-unstable 0-unstable-2026-01-23
- nixos-unstable-small 0-unstable-2026-01-23
nixos-25.11 0-unstable-2025-09-17
- nixpkgs-25.11-darwin 0-unstable-2025-09-17

pkgs.kmscube

Example OpenGL app using KMS/GBM

nixos-unstable 2023-09-25
- nixpkgs-unstable 2023-09-25
- nixos-unstable-small 2023-09-25
nixos-25.11 2023-09-25
- nixpkgs-25.11-darwin 2023-09-25

pkgs.pascube

Simple OpenGL spinning cube written in Pascal

nixos-unstable -
- nixpkgs-unstable 1.5.1
- nixos-unstable-small 1.5.1
nixos-25.11 1.5.1
- nixpkgs-25.11-darwin 1.5.1

pkgs.musikcube

Terminal-based music player, library, and streaming audio server

nixos-unstable 3.0.4
- nixpkgs-unstable 3.0.5
- nixos-unstable-small 3.0.5
nixos-25.11 3.0.5
- nixpkgs-25.11-darwin 3.0.5

pkgs.roundcube

Open Source Webmail Software

nixos-unstable 1.6.11
- nixpkgs-unstable 1.6.12
- nixos-unstable-small 1.6.12
nixos-25.11 1.6.12
- nixpkgs-25.11-darwin 1.6.12

pkgs.classicube

Lightweight, custom Minecraft Classic/ClassiCube client with optional additions written from scratch in C

nixos-unstable 1.3.7
- nixpkgs-unstable 1.3.7
- nixos-unstable-small 1.3.7
nixos-25.11 1.3.7
- nixpkgs-25.11-darwin 1.3.7

pkgs.metacubexd

Clash.Meta Dashboard, The Official One, XD

nixos-unstable 1.188.1
- nixpkgs-unstable 1.192.0
- nixos-unstable-small 1.192.0
nixos-25.11 1.192.0
- nixpkgs-25.11-darwin 1.192.0

pkgs.assaultcube

Fast and fun first-person-shooter based on the Cube fps

nixos-unstable 1.3.0.2
- nixpkgs-unstable 1.3.0.2
- nixos-unstable-small 1.3.0.2
nixos-25.11 1.3.0.2
- nixpkgs-25.11-darwin 1.3.0.2

pkgs.stm32cubemx

Graphical tool for configuring STM32 microcontrollers and microprocessors

nixos-unstable 6.14.0
- nixpkgs-unstable 6.15.0
- nixos-unstable-small 6.15.0
nixos-25.11 6.15.0
- nixpkgs-25.11-darwin 6.15.0

pkgs.gamecube-tools

Tools for gamecube/wii projects

pkgs.hyperspeedcube

Hyperspeedcube is a 3D and 4D Rubik's cube simulator

nixos-unstable 1.0.12
- nixpkgs-unstable 1.0.12
- nixos-unstable-small 1.0.12
nixos-25.11 1.0.12
- nixpkgs-25.11-darwin 1.0.12

pkgs.dockapps.wmcube

System monitor for Windowmaker

nixos-unstable -
- nixpkgs-unstable 2023-10-11
- nixos-unstable-small 2023-10-11
nixos-25.11 2023-10-11
- nixpkgs-25.11-darwin 2023-10-11

pkgs.idrisPackages.cube

Implementation of the Lambda Cube in Idris

nixos-unstable 2017-07-05
- nixpkgs-unstable 2017-07-05
- nixos-unstable-small 2017-07-05
nixos-25.11 2017-07-05
- nixpkgs-25.11-darwin 2017-07-05

pkgs.spacenav-cube-example

Example application to test the spacenavd driver

nixos-unstable 1.2
- nixpkgs-unstable 1.2
- nixos-unstable-small 1.2
nixos-25.11 1.2
- nixpkgs-25.11-darwin 1.2

pkgs.kdePackages.kjumpingcube

KJumpingCube is a simple tactical game

nixos-unstable 25.04.3
- nixpkgs-unstable 25.12.1
- nixos-unstable-small 25.12.1
nixos-25.11 25.08.3
- nixpkgs-25.11-darwin 25.08.3

pkgs.roundcubePlugins.carddav

None

nixos-unstable -
- nixpkgs-unstable 4.4.6
- nixos-unstable-small 4.4.6
nixos-25.11 4.4.6
- nixpkgs-25.11-darwin 4.4.6

pkgs.gnomeExtensions.desktop-cube

Indulge in nostalgia with useless 3D effects.

nixos-unstable 28
- nixpkgs-unstable 30
- nixos-unstable-small 30
nixos-25.11 30
- nixpkgs-25.11-darwin 30

pkgs.phpExtensions.ioncube-loader

Use ionCube-encoded files on a web server

nixos-unstable -
- nixpkgs-unstable 14.4.1
- nixos-unstable-small 14.4.1
nixos-25.11 14.4.1
- nixpkgs-25.11-darwin 14.4.1

pkgs.python312Packages.complycube

Official Python client for the ComplyCube API

nixos-unstable 1.1.6
nixos-25.11 1.1.6
- nixpkgs-25.11-darwin 1.1.6

pkgs.python313Packages.complycube

Official Python client for the ComplyCube API

nixos-unstable 1.1.6
- nixpkgs-unstable 1.1.6
- nixos-unstable-small 1.1.6
nixos-25.11 1.1.6
- nixpkgs-25.11-darwin 1.1.6

pkgs.python314Packages.complycube

Official Python client for the ComplyCube API

nixos-unstable -
- nixpkgs-unstable 1.1.6
- nixos-unstable-small 1.1.6

pkgs.roundcubePlugins.contextmenu

None

nixos-unstable -
- nixpkgs-unstable 3.3.1
- nixos-unstable-small 3.3.1
nixos-25.11 3.3.1
- nixpkgs-25.11-darwin 3.3.1

pkgs.roundcubePlugins.custom_from

None

nixos-unstable -
- nixpkgs-unstable 1.6.6
- nixos-unstable-small 1.6.6
nixos-25.11 1.6.6
- nixpkgs-25.11-darwin 1.6.6

pkgs.haskellPackages.resistor-cube

Compute total resistance of a cube of resistors

nixos-unstable 0.0.1.4
- nixpkgs-unstable 0.0.1.4
- nixos-unstable-small 0.0.1.4
nixos-25.11 0.0.1.4
- nixpkgs-25.11-darwin 0.0.1.4

pkgs.python312Packages.maxcube-api

eQ-3/ELV MAX! Cube Python API

nixos-unstable 0.4.3
nixos-25.11 0.4.3
- nixpkgs-25.11-darwin 0.4.3

pkgs.python313Packages.maxcube-api

eQ-3/ELV MAX! Cube Python API

nixos-unstable 0.4.3
- nixpkgs-unstable 0.4.3
- nixos-unstable-small 0.4.3
nixos-25.11 0.4.3
- nixpkgs-25.11-darwin 0.4.3

pkgs.python314Packages.maxcube-api

eQ-3/ELV MAX! Cube Python API

nixos-unstable -
- nixpkgs-unstable 0.4.3
- nixos-unstable-small 0.4.3

pkgs.haskellPackages.marching-cubes

Marching Cubes

nixos-unstable 0.1.0.0
- nixpkgs-unstable 0.1.0.0
- nixos-unstable-small 0.1.0.0
nixos-25.11 0.1.0.0
- nixpkgs-25.11-darwin 0.1.0.0

pkgs.php81Extensions.ioncube-loader

Use ionCube-encoded files on a web server

nixos-unstable 14.4.1

pkgs.php82Extensions.ioncube-loader

Use ionCube-encoded files on a web server

nixos-unstable 14.4.1
- nixpkgs-unstable 14.4.1
- nixos-unstable-small 14.4.1
nixos-25.11 14.4.1
- nixpkgs-25.11-darwin 14.4.1

pkgs.php83Extensions.ioncube-loader

Use ionCube-encoded files on a web server

nixos-unstable 14.4.1
- nixpkgs-unstable 14.4.1
- nixos-unstable-small 14.4.1
nixos-25.11 14.4.1
- nixpkgs-25.11-darwin 14.4.1

pkgs.php84Extensions.ioncube-loader

Use ionCube-encoded files on a web server

nixos-unstable 14.4.1

pkgs.haskellPackages.marching-cubes2

Marching Cubes

nixos-unstable cubes2-0.1.0.0
- nixpkgs-unstable cubes2-0.1.0.0
- nixos-unstable-small cubes2-0.1.0.0
nixos-25.11 cubes2-0.1.0.0
- nixpkgs-25.11-darwin cubes2-0.1.0.0

pkgs.python312Packages.spectral-cube

Library for reading and analyzing astrophysical spectral data cubes

nixos-unstable 0.6.6
nixos-25.11 0.6.7
- nixpkgs-25.11-darwin 0.6.7

pkgs.python313Packages.spectral-cube

Library for reading and analyzing astrophysical spectral data cubes

nixos-unstable 0.6.6
- nixpkgs-unstable 0.6.7
- nixos-unstable-small 0.6.7
nixos-25.11 0.6.7
- nixpkgs-25.11-darwin 0.6.7

pkgs.python314Packages.spectral-cube

Library for reading and analyzing astrophysical spectral data cubes

nixos-unstable -
- nixpkgs-unstable 0.6.7
- nixos-unstable-small 0.6.7

pkgs.roundcubePlugins.persistent_login

None

nixos-unstable -
- nixpkgs-unstable 5.3.0
- nixos-unstable-small 5.3.0
nixos-25.11 5.3.0
- nixpkgs-25.11-darwin 5.3.0

pkgs.roundcubePlugins.thunderbird_labels

None

nixos-unstable -
- nixpkgs-unstable 1.6.0
- nixos-unstable-small 1.6.0
nixos-25.11 1.6.0
- nixpkgs-25.11-darwin 1.6.0

pkgs.home-assistant-component-tests.maxcube

Open source home automation that puts local control and privacy first

nixos-unstable 2025.8.0
nixos-25.11 2025.11.3
- nixpkgs-25.11-darwin 2025.11.3

pkgs.tests.home-assistant-component-tests.maxcube

Open source home automation that puts local control and privacy first

nixos-unstable -
- nixpkgs-unstable 2026.1.3
- nixos-unstable-small 2026.1.3

Package maintainers

@DarkOnion0 Alexandre Peruggia <darkgenius1@protonmail.com>
@360ied Brian Zhu <therealbarryplayer@gmail.com>
@zhaofengli Zhaofeng Li <hello@zhaofeng.li>
@marcin-serwin Marcin Serwin <marcin@serwin.dev>
@honnip Jung seungwoo <me@honnip.page>
@thielema Henning Thielemann <nix@henning-thielemann.de>
@fabaff Fabian Affolter <mail@fabian-affolter.ch>
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
@dotlambda ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FAEFB6177B4672DEE07F9D3AFC62588CCD2631EDCF22E8CCC1FB35B501C9C86 <nix@dotlambda.de>
@OmnipotentEntity Michael Reilly <omnipotententity@gmail.com>
@brainrake Marton Boros <martonboros@gmail.com>
@K900 Ilya K. <me@0upti.me>
@mjm Matt Moriarity <matt@mattmoriarity.com>
@ilya-fedin Ilya Fedin <fedin-ilja2010@ya.ru>
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
@NickCao Nick Cao <nickcao@nichi.co>
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
@dezgeg Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>
@Guanran928 Guanran Wang <guanran928@outlook.com>
@afh Alexis Hildebrandt <surryhill+nix@gmail.com>
@aanderse Aaron Andersen <aaron@fosslib.net>
@NeverBehave Xinhao Luo <i@never.pet>
@DerDennisOP Dennis <dennish@wuitz.de>
@smaret Sébastien Maret <sebastien.maret@icloud.com>
@globin Robin Gloster <mail@glob.in>
@Vskilet Victor SENE <victor@sene.ovh>
@Ma27 Maximilian Bosch <maximilian@mbosch.me>
@Sohalt sohalt <nixos@sohalt.net>
@wucke13 Wucke <wucke13@gmail.com>
@angaz Angus Dippenaar
@TomSmeets Tom Smeets <tom.tsmeets@gmail.com>
@RoGreat RoGreat <roguegreat@gmail.com>

Untriaged

Permalink CVE-2018-25156

5.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): LOW
Availability impact (A): NONE

created 2 months, 2 weeks ago

Teradek Cube 7.3.6 Cross-Site Request Forgery Password Change

Teradek Cube 7.3.6 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft a malicious web page with a hidden form to submit password change requests to the device's system configuration interface.