Nixpkgs security tracker

Permalink CVE-2026-34000

6.1 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): None (N)
Availability (A): Low (L)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): Low (L)

created 3 weeks, 4 days ago Activity log

Created suggestion 3 weeks, 4 days ago

Xwayland: xorg: x.org x server: information disclosure and denial of service via out-of-bounds read in xkb geometry processing.

A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the `CheckSetGeom()` and `XkbAddGeomKeyAlias` functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server, either locally or remotely, can exploit this without user interaction. This could lead to the disclosure of memory contents or cause a denial of service by crashing the server.

References

https://access.redhat.com/security/cve/CVE-2026-34000 vdb-entryx_refsource_REDHAT
RHBZ#2451107 x_refsource_REDHATissue-tracking

Affected products

tigervnc

xorg-x11-server

xorg-x11-server-Xwayland

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

nixos-unstable 1.16.2
- nixpkgs-unstable 1.16.2
- nixos-unstable-small 1.16.2
nixos-25.11 1.16.2
- nixos-25.11-small 1.16.2
- nixpkgs-25.11-darwin 1.16.2

Permalink CVE-2026-34002

6.1 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): None (N)
Availability (A): Low (L)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): Low (L)

created 3 weeks, 4 days ago Activity log

Created suggestion 3 weeks, 4 days ago

Xorg: xwayland: x.org x server: information disclosure or denial of service via out-of-bounds read in xkb modifier map handling

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory boundaries. This can lead to the exposure of sensitive information or cause the server to crash, resulting in a denial of service.

References

https://access.redhat.com/security/cve/CVE-2026-34002 vdb-entryx_refsource_REDHAT
RHBZ#2451112 x_refsource_REDHATissue-tracking

Affected products

tigervnc

xorg-x11-server

xorg-x11-server-Xwayland

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

nixos-unstable 1.16.2
- nixpkgs-unstable 1.16.2
- nixos-unstable-small 1.16.2
nixos-25.11 1.16.2
- nixos-25.11-small 1.16.2
- nixpkgs-25.11-darwin 1.16.2

Permalink CVE-2026-34003

7.8 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 1 month ago Activity log

Created suggestion 1 month ago

Xorg: xwayland: x.org x server: information exposure and denial of service via out-of-bounds memory access

A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash, leading to a Denial of Service (DoS). In certain configurations, higher impact outcomes may be possible.

References

https://access.redhat.com/security/cve/CVE-2026-34003 vdb-entryx_refsource_REDHAT
RHBZ#2451113 x_refsource_REDHATissue-tracking

Affected products

tigervnc

xorg-x11-server

xorg-x11-server-Xwayland

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

nixos-unstable 1.16.2
- nixpkgs-unstable 1.16.2
- nixos-unstable-small 1.16.2
nixos-25.11 1.16.2
- nixos-25.11-small 1.16.2
- nixpkgs-25.11-darwin 1.16.2

Permalink CVE-2026-33999

7.8 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 1 month ago Activity log

Created suggestion 1 month ago

Xorg: xwayland: x.org x server: denial of service via integer underflow in xkb compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of service (DoS) or other severe impacts.

References

https://access.redhat.com/security/cve/CVE-2026-33999 vdb-entryx_refsource_REDHAT
RHBZ#2451106 x_refsource_REDHATissue-tracking

Affected products

tigervnc

xorg-x11-server

xorg-x11-server-Xwayland

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

nixos-unstable 1.16.2
- nixpkgs-unstable 1.16.2
- nixos-unstable-small 1.16.2
nixos-25.11 1.16.2
- nixos-25.11-small 1.16.2
- nixpkgs-25.11-darwin 1.16.2

Permalink CVE-2026-34001

7.8 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 1 month ago Activity log

Created suggestion 1 month ago

Xorg: xwayland: x.org x server: use-after-free vulnerability leads to server crash and potential memory corruption

A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence() function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially enabling memory corruption. This could result in a denial of service or further compromise of the system.

References

https://access.redhat.com/security/cve/CVE-2026-34001 vdb-entryx_refsource_REDHAT
RHBZ#2451109 x_refsource_REDHATissue-tracking

Affected products

tigervnc

xorg-x11-server

xorg-x11-server-Xwayland

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

nixos-unstable 1.16.2
- nixpkgs-unstable 1.16.2
- nixos-unstable-small 1.16.2
nixos-25.11 1.16.2
- nixos-25.11-small 1.16.2
- nixpkgs-25.11-darwin 1.16.2

Permalink CVE-2026-34352

8.5 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Changed (C)
Confidentiality (C): High (H)
Integrity (I): Low (L)
Availability (A): Low (L)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Changed (C)
Modified Integrity (MI): Low (L)
Modified Availability (MA): Low (L)

created 2 months ago Activity log

Created suggestion 2 months ago

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users …

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

References

Affected products

TigerVNC

<1.16.2

Matching in nixpkgs

pkgs.tigervnc

Fork of tightVNC, made in cooperation with VirtualGL

nixos-unstable 1.16.0
- nixpkgs-unstable 1.16.0
- nixos-unstable-small 1.16.0
nixos-25.11 1.15.0
- nixos-25.11-small 1.15.0
- nixpkgs-25.11-darwin 1.15.0

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.tigervnc

References

Affected products

Matching in nixpkgs

pkgs.tigervnc

References

Affected products

Matching in nixpkgs

pkgs.tigervnc

References

Affected products

Matching in nixpkgs

pkgs.tigervnc

References

Affected products

Matching in nixpkgs

pkgs.tigervnc

References

Affected products

Matching in nixpkgs

pkgs.tigervnc