Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Dismissed suggestions

These automatic suggestions were dismissed after initial triaging.

to select a suggestion for revision.

View:
Compact
Detailed
Dismissed
(no matching packages found)
Permalink CVE-2026-24248
7.8 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Required (R)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
created 2 weeks, 2 days ago Activity log
  • Created & dismissed (no matching packages found) suggestion
NVIDIA Megatron Bridge for Linux contains a vulnerability where an …

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

Affected products

Megatron-Bridge
  • ==Versions 0.0 to 0.4.0
Dismissed
(no matching packages found)
Permalink CVE-2026-20214
7.5 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): None (N)
  • Integrity (I): None (N)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): None (N)
  • Modified Availability (MA): High (H)
created 2 weeks, 2 days ago Activity log
  • Created & dismissed (no matching packages found) suggestion
ClamAV FSG File Format Processing Out-of-Bounds Memory Corruption Vulnerability

A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in FSG files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains portable executable content compressed with FSG to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.

Affected products

Cisco Secure Endpoint
  • ==1.12.6
  • ==1.9.1
  • ==6.2.9
  • ==1.25.2
  • ==7.5.13.21598
  • ==7.5.9
  • ==8.1.7.21417
  • ==8.2.1.21612
  • ==7.5.5
  • ==1.20.3
  • ==1.9.0
  • ==1.26.0
  • ==7.5.1.20813
  • ==7.4.1.20439
  • ==1.15.1
  • ==1.14.0
  • ==8.2.3.30119
  • ==8.1.7.21512
  • ==1.20.5
  • ==6.2.5
  • ==7.5.19
  • ==1.20.2
  • ==1.10.1
  • ==8.4.0
  • ==7.2.11
  • ==1.10.0
  • ==1.16.2
  • ==1.15.4
  • ==8.0.1.21164
  • ==1.24.1
  • ==8.1.3
  • ==8.1.5.21322
  • ==1.21.2
  • ==7.3.5
  • ==7.4.3.20679
  • ==7.5.7
  • ==7.5.3
  • ==7.2.13
  • ==1.12.1
  • ==8.4.2.30317
  • ==1.25.0
  • ==6.2.3
  • ==7.5.1.20833
  • ==1.10.2
  • ==1.23.0
  • ==7.5.15.21611
  • ==1.18.1
  • ==1.17.2
  • ==7.3.13
  • ==1.15.6
  • ==1.24.3
  • ==1.11.0
  • ==7.5.11
  • ==1.16.3
  • ==6.2.19
  • ==1.14.1
  • ==7.3.1
  • ==1.22.1
  • ==6.3.3
  • ==1.22.3
  • ==1.21.0
  • ==1.20.8
  • ==1.12.4
  • ==1.15.3
  • ==1.22.0
  • ==6.3.5
  • ==1.22.2
  • ==1.12.7
  • ==1.20.0
  • ==1.26.1
  • ==1.20.1
  • ==1.19.0
  • ==1.6.0
  • ==7.4.1
  • ==1.12.3
  • ==1.20.4
  • ==8.1.3.21242
  • ==1.17.1
  • ==1.17.0
  • ==1.8.4
  • ==8.1.7
  • ==1.16.1
  • ==1.27.2
  • ==7.2.5
  • ==8.2.4.30130
  • ==8.4.1.30307
  • ==7.5.20
  • ==8.4.4.30467
  • ==1.12.0
  • ==1.27.0
  • ==7.4.1.20425
  • ==7.4.3
  • ==1.11.1
  • ==7.3.15
  • ==8.1.5
  • ==1.8.0
  • ==7.1.5
  • ==7.5.17.21680
  • ==1.12.5
  • ==8.4.5.30483
  • ==7.3.9
  • ==1.16.0
  • ==6.3.1
  • ==1.24.0
  • ==1.24.4
  • ==1.18.0
  • ==1.8.1
  • ==1.24.2
  • ==7.5.21.21732
  • ==1.24.5
  • ==1.13.1
  • ==1.15.5
  • ==1.21.1
  • ==1.21.3
  • ==6.0.9
  • ==1.15.2
  • ==7.1.1
  • ==1.15.0
  • ==1.20.6
  • ==1.25.1
  • ==1.27.1
  • ==7.4.5
  • ==8.0.1.21160
  • ==8.4.1.30298
  • ==7.2.3
  • ==1.12.2
  • ==6.1.5
  • ==7.3.3
  • ==1.22.4
  • ==8.2.1.21650
  • ==1.13.0
  • ==7.5.13.21586
  • ==8.1.7.21585
  • ==1.7.0
  • ==1.20.7
  • ==8.4.4.30419
  • ==6.0.7
  • ==6.1.7
  • ==7.2.7
  • ==6.1.9
  • ==7.0.5
  • ==6.3.7
  • ==6.2.1
  • ==8.4.3
  • ==1.23.1
  • ==1.13.2
Dismissed
(no matching packages found)
Permalink CVE-2026-7838
8.7 HIGH
  • CVSS version (CVSS): 4.0
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Attack Requirement (AT): None (N)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): Passive (P)
  • Vulnerable System Impact Confidentiality (VC): High (H)
  • Vulnerable System Impact Integrity (VI): High (H)
  • Vulnerable System Impact Availability (VA): High (H)
  • Subsequent System Impact Confidentiality (SC): None (N)
  • Subsequent System Impact Integrity (SI): None (N)
  • Subsequent System Impact Availability (SA): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Attack Requirement (MAT): None (N)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): Passive (P)
  • Modified Vulnerable System Impact Confidentiality (MVC): High (H)
  • Modified Vulnerable System Impact Integrity (MVI): High (H)
  • Modified Vulnerable System Impact Availability (MVA): High (H)
  • Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
  • Modified Subsequent System Impact Integrity (MSI): Negligible (N)
  • Modified Subsequent System Impact Availability (MSA): Negligible (N)
  • Safety (S): Not Defined (X)
  • Automatable (AU): Not Defined (X)
  • Recovery (R): Not Defined (X)
  • Value Density (V): Not Defined (X)
  • Vulnerability Response Effort (RE): Not Defined (X)
  • Provider Urgency (U): Not Defined (X)
  • Confidentiality Req. (CR): Not Defined (X)
  • Integrity Req. (IR): Not Defined (X)
  • Availability Req. (AR): Not Defined (X)
  • Exploit Maturity (E): Not Defined (X)
created 2 weeks, 2 days ago Activity log
  • Created & dismissed (no matching packages found) suggestion
UltraVNC viewer heap buffer overflow via integer overflow in RFB connection-failure reason length

UltraVNC viewer through 1.8.2.2 contains an integer overflow leading to a heap buffer overflow in the RFB protocol failure-response parsing path. In vncviewer/ClientConnection.cpp, the 4-byte network-supplied reasonLen field (type CARD32) is passed as reasonLen+1 to CheckBufferSize(). Because both operands are unsigned 32-bit, a reasonLen of 0xFFFFFFFF overflows to 0, causing CheckBufferSize to allocate only 256 bytes. The subsequent ReadString(m_netbuf, reasonLen) call then performs ReadExact for the original 4 GiB length into that 256-byte heap buffer. This overflow is reachable via rfbConnFailed (auth-scheme negotiation) and rfbVncAuthFailed (post-handshake) message types without successful authentication. A malicious VNC server, or any man-in-the-middle on the RFB stream, can trigger this condition when the victim viewer connects, potentially resulting in remote code execution as the user running the viewer. The crash was confirmed with AddressSanitizer on a portable reproduction harness (heap-buffer-overflow WRITE at offset 256).

References

Affected products

UltraVNC
  • =<1.8.2.2
Dismissed
(no matching packages found)
Permalink CVE-2026-12579
7.4 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): High (H)
  • Privileges Required (PR): None (N)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): None (N)
  • Integrity (I): High (H)
  • Availability (A): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): High (H)
  • Modified Privileges Required (MPR): None (N)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): None (N)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): High (H)
created 2 weeks, 2 days ago Activity log
  • Created & dismissed (no matching packages found) suggestion
AS228T - Authentication Bypass Vulnerability

AS228T with Authentication Bypass Vulnerability

Affected products

AS228T
  • =<1.14
Dismissed
(max. allowed matches exceeded)
created 2 weeks, 2 days ago Activity log
  • Created & dismissed (max. allowed matches exceeded) suggestion
slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd

In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd When the remoteproc starts in parallel with the NGD driver being probed, or the remoteproc is already up when the PDR lookup is being registered, or in the theoretical event that we get an interrupt from the hardware, these callbacks will operate on uninitialized data. This result in issues to boot the affected boards. One such example can be seen in the following fault, where qcom_slim_ngd_ssr_pdr_notify() schedules work on the NULL ngd_up_work. [ 21.858578] ------------[ cut here ]------------ [ 21.858745] WARNING: kernel/workqueue.c:2338 at __queue_work+0x5e0/0x790, CPU#2: kworker/2:2/116 ... [ 21.859251] Call trace: [ 21.859255] __queue_work+0x5e0/0x790 (P) [ 21.859265] queue_work_on+0x6c/0xf0 [ 21.859273] qcom_slim_ngd_ssr_pdr_notify+0x110/0x150 [slim_qcom_ngd_ctrl] [ 21.859304] qcom_slim_ngd_ssr_notify+0x24/0x40 [slim_qcom_ngd_ctrl] [ 21.859318] notifier_call_chain+0xa4/0x230 [ 21.859329] srcu_notifier_call_chain+0x64/0xb8 [ 21.859338] ssr_notify_start+0x40/0x78 [qcom_common] [ 21.859355] rproc_start+0x130/0x230 [ 21.859367] rproc_boot+0x3d4/0x518 ... Move the enablement of interrupts, and the registration of SSR and PDR until after the NGD device has been registered. This could be further refined by moving initialization to the control driver probe and by removing the platform driver model from the picture.

Affected products

Linux
  • <2a9d50e9ea406e0c8735938484adc20515ef1b47
  • <fa3790c7ea98328ddc3f7d8bf40247556245a6fc
  • <24ec89123fc9d0d24ce719dcf7fd6c57e5b0d753
  • =<*
  • =<6.18.*
  • <4.19
  • =<7.0.*
  • <08564e15c47a5fb0af6643a43ee15521d49bcdea
  • ==4.19
  • =<6.12.*
Dismissed
(max. allowed matches exceeded)
created 2 weeks, 2 days ago Activity log
  • Created & dismissed (max. allowed matches exceeded) suggestion
i2c: qcom-cci: Fix NULL pointer dereference in cci_remove()

In the Linux kernel, the following vulnerability has been resolved: i2c: qcom-cci: Fix NULL pointer dereference in cci_remove() On all modern platforms Qualcomm CCI controller provides two I2C masters, and on particular boards only one I2C master may be initialized, and in such cases the device unbinding or driver removal causes a NULL pointer dereference, because cci_halt() is called for all two I2C masters, but a completion is initialized only for the single enabled master: % rmmod i2c-qcom-cci Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 <snip> Call trace: __wait_for_common+0x194/0x1a8 (P) wait_for_completion_timeout+0x20/0x2c cci_remove+0xc4/0x138 [i2c_qcom_cci] platform_remove+0x20/0x30 device_remove+0x4c/0x80 device_release_driver_internal+0x1c8/0x224 driver_detach+0x50/0x98 bus_remove_driver+0x6c/0xbc driver_unregister+0x30/0x60 platform_driver_unregister+0x14/0x20 qcom_cci_driver_exit+0x18/0x1008 [i2c_qcom_cci] ....

Affected products

Linux
  • <e8669d12da0ade52adfe0abe96cd99e708abc9bd
  • <4cd206c1d57a9370d5219f7b1fc45169d7bdf951
  • <729ac5a4b966aac42e08a94dea966f4429008548
  • =<6.1.*
  • =<6.6.*
  • =<*
  • <a162a260c8c4db7501c65220e76913e8e351f823
  • =<6.18.*
  • =<5.10.*
  • ==5.8
  • =<7.0.*
  • <5.8
  • =<5.15.*
  • =<6.12.*
  • <a50b8adb9cdb9a495b0b45583956897b7411ed7a
  • <7107627b8b35015027201e7a095a3f6e30b4a46f
  • <8ce7ff721a5e9d06d53ef65d01c89fce6d26d6ff
  • <4d2b4a9cda6837e5ee1de1290f2e773a713b71e9
Dismissed
(no matching packages found)
Permalink CVE-2026-14439
9.4 CRITICAL
  • CVSS version (CVSS): 4.0
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Attack Requirement (AT): None (N)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Vulnerable System Impact Confidentiality (VC): High (H)
  • Vulnerable System Impact Integrity (VI): High (H)
  • Vulnerable System Impact Availability (VA): High (H)
  • Subsequent System Impact Confidentiality (SC): High (H)
  • Subsequent System Impact Integrity (SI): High (H)
  • Subsequent System Impact Availability (SA): High (H)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Attack Requirement (MAT): None (N)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Vulnerable System Impact Confidentiality (MVC): High (H)
  • Modified Vulnerable System Impact Integrity (MVI): High (H)
  • Modified Vulnerable System Impact Availability (MVA): High (H)
  • Modified Subsequent System Impact Confidentiality (MSC): High (H)
  • Modified Subsequent System Impact Integrity (MSI): High (H)
  • Modified Subsequent System Impact Availability (MSA): High (H)
  • Safety (S): Not Defined (X)
  • Automatable (AU): Not Defined (X)
  • Recovery (R): Not Defined (X)
  • Value Density (V): Not Defined (X)
  • Vulnerability Response Effort (RE): Not Defined (X)
  • Provider Urgency (U): Not Defined (X)
  • Confidentiality Req. (CR): Not Defined (X)
  • Integrity Req. (IR): Not Defined (X)
  • Availability Req. (AR): Not Defined (X)
  • Exploit Maturity (E): Not Defined (X)
created 2 weeks, 2 days ago Activity log
  • Created & dismissed (no matching packages found) suggestion
Path Traversal in Altium Git Service Allows Remote Code Execution

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to move arbitrary files outside the intended repository area. This file-move primitive can be used to place attacker-controlled script content into directories where it is later executed by the service, resulting in remote code execution under the Git Service account. On multi-tenant Altium 365 deployments, this could have allowed access to data belonging to other tenants on the same infrastructure node. Altium Enterprise Server is fixed in 8.1.1. The issue has been remediated across Altium 365 shared multi-tenant deployments at the service level; remediation is in progress on remaining Altium 365 deployments.

Affected products

Altium 365
  • ==unspecified
Altium Enterprise Server
  • <8.1.1
Dismissed
(no matching packages found)
Permalink CVE-2026-5120
8.1 HIGH
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): None (N)
  • Scope (S): Unchanged (U)
  • Confidentiality (C): High (H)
  • Integrity (I): High (H)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): None (N)
  • Modified Confidentiality (MC): High (H)
  • Modified Scope (MS): Unchanged (U)
  • Modified Integrity (MI): High (H)
  • Modified Availability (MA): None (N)
created 2 weeks, 2 days ago Activity log
  • Created & dismissed (no matching packages found) suggestion
Race Condition vulnerability affecting BIOVIA Workbook from Release 2021 through Release 2026

A Race Condition vulnerability affecting BIOVIA Workbook from Release 2021 through Release 2026 could allow a user to access unauthorized data from another user.

Affected products

BIOVIA Workbook
  • =<Release 2021 Refresh5
  • =<Release 2024 Refresh4
  • =<Release 2025 Refresh3
  • =<Release 2022 Refresh5
  • =<Release 2023 Refresh4
  • ==Release 2026 Golden
Dismissed
(no matching packages found)
Permalink CVE-2026-10540
5.6 MEDIUM
  • CVSS version (CVSS): 4.0
  • Attack Vector (AV): Local (L)
  • Attack Complexity (AC): Low (L)
  • Attack Requirement (AT): Present (P)
  • Privileges Required (PR): High (H)
  • User Interaction (UI): None (N)
  • Vulnerable System Impact Confidentiality (VC): High (H)
  • Vulnerable System Impact Integrity (VI): None (N)
  • Vulnerable System Impact Availability (VA): None (N)
  • Subsequent System Impact Confidentiality (SC): None (N)
  • Subsequent System Impact Integrity (SI): None (N)
  • Subsequent System Impact Availability (SA): None (N)
  • Modified Attack Vector (MAV): Local (L)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Attack Requirement (MAT): Present (P)
  • Modified Privileges Required (MPR): High (H)
  • Modified User Interaction (MUI): None (N)
  • Modified Vulnerable System Impact Confidentiality (MVC): High (H)
  • Modified Vulnerable System Impact Integrity (MVI): None (N)
  • Modified Vulnerable System Impact Availability (MVA): None (N)
  • Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
  • Modified Subsequent System Impact Integrity (MSI): Negligible (N)
  • Modified Subsequent System Impact Availability (MSA): Negligible (N)
  • Safety (S): Not Defined (X)
  • Automatable (AU): Not Defined (X)
  • Recovery (R): Not Defined (X)
  • Value Density (V): Not Defined (X)
  • Vulnerability Response Effort (RE): Not Defined (X)
  • Provider Urgency (U): Not Defined (X)
  • Confidentiality Req. (CR): Not Defined (X)
  • Integrity Req. (IR): Not Defined (X)
  • Availability Req. (AR): Not Defined (X)
  • Exploit Maturity (E): Not Defined (X)
created 2 weeks, 2 days ago Activity log
  • Created & dismissed (no matching packages found) suggestion
Weak password hash protection in Control-M/Entreprise Manager

The Control-M/Enterprise Manager uses weak protections for stored hashes of account passwords, potentially allowing offline password recovery attacks if credential data is obtained by an attacker. This vulnerability affects Control-M/Enterprise Manager unsupported versions 9.0.20.x and potentially earlier unsupported versions

Affected products

Control-M/Enterprise Manager
  • ==9.0.21
  • <9.0.21
Dismissed
(no matching packages found)
created 2 weeks, 2 days ago Activity log
  • Created & dismissed (no matching packages found) suggestion
A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE …

A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.

Affected products

n/a
  • ==n/a