Nixpkgs security tracker


Automatically generated suggestions

CVE-2025-47378
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 1 month, 3 weeks ago Activity log
  • Created suggestion
Exposure of Sensitive System Information to an Unauthorized Control Sphere in HLOS

Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain.

Affected products

Snapdragon
  • ==SA8620P
  • ==SAR1250P
  • ==SRV1M
  • ==Snapdragon 865 5G Mobile Platform
  • ==QAMSRV1H
  • ==FastConnect 7800
  • ==SXR2230P
  • ==QLN1086BD
  • ==Cologne
  • ==WCD9378C
  • ==WSA8845H
  • ==SAR1165P
  • ==LeMans_AU_LGIT
  • ==QCA6696
  • ==QCA6391
  • ==SD865 5G
  • ==WCD9385
  • ==SRV1H
  • ==WSA8840
  • ==X2000090
  • ==XG101032
  • ==WCN3950
  • ==QPA1086BD
  • ==QXM1094
  • ==SA8770P
  • ==SAR2230P
  • ==X2000092
  • ==FastConnect 6900
  • ==X2000077
  • ==FastConnect 6700
  • ==QCA6595AU
  • ==QXM1086
  • ==Snapdragon 8 Elite Gen 5
  • ==WSA8845
  • ==QXM1093
  • ==FastConnect 6800
  • ==LeMansAU
  • ==WSA8835
  • ==SA9000P
  • ==X2000094
  • ==SAR2130P
  • ==QPA1083BD
  • ==QCA6595
  • ==XG101039
  • ==QXM1095
  • ==Snapdragon 865+ 5G Mobile Platform
  • ==SA7255P
  • ==QXM1096
  • ==Snapdragon AR1 Gen 1 Platform
  • ==Snapdragon AR1+ Gen 1 Platform
  • ==WSA8815
  • ==QCA6698AQ
  • ==WSA8830
  • ==Snapdragon XR2+ Gen 1 Platform
  • ==WCD9395
  • ==WCN7861
  • ==XG101002
  • ==SA8255P
  • ==QAMSRV1M
  • ==Snapdragon 870 5G Mobile Platform
  • ==Pandeiro
  • ==QLN1083BD
  • ==QXM1083
  • ==SA7775P
  • ==Snapdragon X55 5G Modem-RF System
  • ==WCN7860
  • ==Snapdragon XR2 5G Platform
  • ==WCD9380
  • ==WSA8810
  • ==WSA8832
  • ==X2000086
  • ==QCA6797AQ
  • ==SXR2250P
  • ==QAM8255P

Matching in nixpkgs

CVE-2025-47384
6.5 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): ADJACENT_NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 month, 3 weeks ago Activity log
  • Created suggestion
Reachable Assertion in FW

Transient DOS when MAC configures config id greater than supported maximum value.

Affected products

Snapdragon
  • ==Snapdragon 4 Gen 1 Mobile Platform
  • ==Snapdragon 888+ 5G Mobile Platform
  • ==Snapdragon 695 5G Mobile Platform
  • ==Snapdragon X53 5G Modem-RF System
  • ==Snapdragon 778G+ 5G Mobile Platform
  • ==QCM6490
  • ==Snapdragon Auto 5G Modem-RF
  • ==FastConnect 6200
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==SDX57M
  • ==WSA8810
  • ==FastConnect 6700
  • ==QCA6574A
  • ==Snapdragon 865+ 5G Mobile Platform
  • ==WSA8830
  • ==WSA8835
  • ==WCN3988
  • ==WSA8815
  • ==SM7325P
  • ==5G Fixed Wireless Access Platform
  • ==WCD9370
  • ==Snapdragon X55 5G Modem-RF System
  • ==WCD9341
  • ==FastConnect 6900
  • ==Snapdragon 778G 5G Mobile Platform
  • ==WCD9360
  • ==Snapdragon 7c+ Gen 3 Compute
  • ==WCD9385
  • ==QCA6391
  • ==Snapdragon 870 5G Mobile Platform
  • ==WCD9375
  • ==WCD9380
  • ==Snapdragon 480 5G Mobile Platform
  • ==Snapdragon 690 5G Mobile Platform
  • ==QCA6698AQ
  • ==Snapdragon 888 5G Mobile Platform
  • ==Snapdragon 782G Mobile Platform
  • ==QCA6696
  • ==Snapdragon 480+ 5G Mobile Platform
  • ==Snapdragon 865 5G Mobile Platform
  • ==FastConnect 6800
  • ==QCM5430
  • ==QCA6595AU

Matching in nixpkgs

CVE-2025-47385
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 3 weeks ago Activity log
  • Created suggestion
Improper Access Control for Register Interface in SCE-Mink

Memory Corruption when accessing trusted execution environment without proper privilege check.

Affected products

Snapdragon
  • ==G2 Gen 1
  • ==WCN7880
  • ==QLN1086BD
  • ==SXR2350P
  • ==WSA8845H
  • ==QCA6696
  • ==WCD9370
  • ==QXM1094
  • ==FastConnect 6900
  • ==FastConnect 6200
  • ==QCA6595AU
  • ==QXM1086
  • ==QCA6574A
  • ==QXM1093
  • ==SW5100P
  • ==LeMansAU
  • ==SM8750P
  • ==Snapdragon AR1+ Gen 1 Platform
  • ==QCA6698AQ
  • ==WCN7861
  • ==QCA9367
  • ==SA8255P
  • ==SM7435
  • ==Pandeiro
  • ==QLN1083BD
  • ==WSA8810
  • ==QCA9377
  • ==WSA8832
  • ==QMP1000
  • ==FastConnect 7800
  • ==WCN7881
  • ==LeMans_AU_LGIT
  • ==SRV1H
  • ==Snapdragon 6 Gen 4 Mobile Platform
  • ==SAR2230P
  • ==Snapdragon 8 Elite
  • ==FastConnect 6700
  • ==Snapdragon 480 5G Mobile Platform
  • ==QCA6688AQ
  • ==SA9000P
  • ==QXM1095
  • ==SA7255P
  • ==Snapdragon 4 Gen 1 Mobile Platform
  • ==SA8155P
  • ==QAM8295P
  • ==Netrani
  • ==WCD9375
  • ==QXM1083
  • ==Snapdragon 4 Gen 2 Mobile Platform
  • ==WCN7860
  • ==WCD9378
  • ==WCN3988
  • ==Snapdragon 480+ 5G Mobile Platform
  • ==QCA6797AQ
  • ==SA8620P
  • ==SAR1250P
  • ==Snapdragon W5+ Gen 1 Wearable Platform
  • ==QAMSRV1H
  • ==Snapdragon 6 Gen 1 Mobile Platform
  • ==SAR1165P
  • ==WCD9385
  • ==WSA8840
  • ==WCN3950
  • ==SA8770P
  • ==WSA8845
  • ==QCA6595
  • ==SW5100
  • ==WSA8815
  • ==QXM1096
  • ==SA8195P
  • ==SA6155P
  • ==SXR2330P
  • ==SA7775P
  • ==WCD9380
  • ==QAM8255P
  • ==SRV1M
  • ==SA8295P
  • ==Orne
  • ==QPA1086BD
  • ==QCA6574AU
  • ==WCN6755
  • ==Snapdragon 7s Gen 3 Mobile Platform
  • ==Snapdragon 6 Gen 3 Mobile Platform
  • ==WSA8835
  • ==QCA6574
  • ==QPA1083BD
  • ==QCA8695AU
  • ==WSA8830
  • ==WCD9395
  • ==QAMSRV1M
  • ==Snapdragon 695 5G Mobile Platform
  • ==Milos
  • ==Palawan25
  • ==WCN6450

Matching in nixpkgs

CVE-2026-3337
5.9 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 1 month, 3 weeks ago Activity log
  • Created suggestion
Timing Side-Channel in AES-CCM Tag Verification in AWS-LC

Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP CIPHER API: EVP_aes_128_ccm, EVP_aes_192_ccm, and EVP_aes_256_ccm. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69.0.

Affected products

AWS-LC
  • <1.69.0
AWS-LC-FIPS
  • <3.2.0

Matching in nixpkgs

pkgs.aws-lc

General-purpose cryptographic library maintained by the AWS Cryptography team for AWS and their customers

CVE-2025-59603
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 3 weeks ago Activity log
  • Created suggestion
Out-of-bounds Write in Computer Vision

Memory Corruption when processing invalid user address with nonstandard buffer address.

Affected products

Snapdragon
  • ==WSA8840
  • ==SXR2230P
  • ==FastConnect 7800
  • ==XG101032
  • ==Cologne
  • ==WSA8810
  • ==WSA8845H
  • ==WSA8830
  • ==WSA8835
  • ==X2000086
  • ==WSA8815
  • ==WSA8845
  • ==Snapdragon XR2 5G Platform
  • ==Snapdragon XR2+ Gen 1 Platform
  • ==X2000077
  • ==SXR2250P
  • ==SC8380XP
  • ==FastConnect 6900
  • ==X2000092
  • ==XG101002
  • ==SD865 5G
  • ==WCD9378C
  • ==WCD9385
  • ==WCD9380
  • ==X2000090
  • ==WSA8832
  • ==X2000094
  • ==QCA0000
  • ==XG101039

Matching in nixpkgs

created 1 month, 3 weeks ago Activity log
  • Created suggestion
Exiv2: Uncaught exception - cannot create std::vector larger than max_size()

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra command line argument, like -pp. Due to an integer overflow, the code attempts to create a huge std::vector, which causes Exiv2 to crash with an uncaught exception. This issue has been patched in version 0.28.8.

Affected products

exiv2
  • ==< 0.28.8

Matching in nixpkgs

pkgs.exiv2

Library and command-line utility to manage image metadata

pkgs.gexiv2

GObject wrapper around the Exiv2 photo metadata library

CVE-2025-47386
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 3 weeks ago Activity log
  • Created suggestion
Use After Free in Automotive Audio

Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs.

Affected products

Snapdragon
  • ==WSA8840
  • ==SM8635P
  • ==Snapdragon 6 Gen 4 Mobile Platform
  • ==QCA9377
  • ==QCA8695AU
  • ==QCA9367
  • ==Qualcomm Video Collaboration VC5 Platform
  • ==Snapdragon 8+ Gen 2 Mobile Platform
  • ==Qualcomm Video Collaboration VC3 Platform
  • ==Snapdragon X32 5G Modem-RF System
  • ==Qualcomm 215 Mobile Platform
  • ==WSA8845H
  • ==WSA8830
  • ==AR8031
  • ==SM7550P
  • ==QCS4290
  • ==AR8035
  • ==WCD9370
  • ==Snapdragon XR2+ Gen 1 Platform
  • ==SRV1H
  • ==Snapdragon X55 5G Modem-RF System
  • ==LeMans_AU_LGIT
  • ==QFW7114
  • ==SA6155P
  • ==Qualcomm Video Collaboration VC1 Platform
  • ==FastConnect 6900
  • ==QCA6564A
  • ==QCA6564AU
  • ==Snapdragon W5+ Gen 1 Wearable Platform
  • ==QCN6224
  • ==Snapdragon 680 4G Mobile Platform
  • ==WCD9380
  • ==QAM8255P
  • ==QRB5165N
  • ==WCN3910
  • ==Snapdragon 888 5G Mobile Platform
  • ==SA6150P
  • ==SA8145P
  • ==WCN3615
  • ==CSRA6640
  • ==WCD9390
  • ==QCA6595AU
  • ==Snapdragon 460 Mobile Platform
  • ==SA6145P
  • ==QCA6595
  • ==SA7775P
  • ==Snapdragon 695 5G Mobile Platform
  • ==Snapdragon X35 5G Modem-RF System
  • ==Snapdragon 778G+ 5G Mobile Platform
  • ==FastConnect 7800
  • ==QCM6490
  • ==FastConnect 6200
  • ==Snapdragon Auto 5G Modem-RF
  • ==Snapdragon 8 Gen 3 Mobile Platform
  • ==FastConnect 6700
  • ==SA8195P
  • ==SW5100
  • ==SDA660
  • ==WSA8835
  • ==QCA6584AU
  • ==SM7325P
  • ==SM8635
  • ==Snapdragon XR2 5G Platform
  • ==G1 Gen 1
  • ==WCD9378
  • ==SA8150P
  • ==WCD9341
  • ==SM8550P
  • ==WCD9326
  • ==WCD9371
  • ==Snapdragon 8 Gen 2 Mobile Platform
  • ==SD865 5G
  • ==WCN3950
  • ==CSRA6620
  • ==Snapdragon 7c+ Gen 3 Compute
  • ==Snapdragon 685 4G Mobile Platform
  • ==WCN3680B
  • ==Snapdragon 480 5G Mobile Platform
  • ==SRV1M
  • ==MDM9250
  • ==SD662
  • ==QCA6174A
  • ==Flight RB5 5G Platform
  • ==QCA8081
  • ==SA8620P
  • ==Snapdragon 660 Mobile Platform
  • ==QCM5430
  • ==SM6650P
  • ==SA8155P
  • ==Snapdragon X53 5G Modem-RF System
  • ==QCM6125
  • ==QEP8111
  • ==QCA6797AQ
  • ==Milos
  • ==Snapdragon X72 5G Modem-RF System
  • ==QCA6574AU
  • ==QCS8550
  • ==QCA6698AU
  • ==WSA8815
  • ==SA8255P
  • ==SM7550
  • ==QAMSRV1M
  • ==QCA6688AQ
  • ==QCM4325
  • ==SA4155P
  • ==WCN6650
  • ==Snapdragon 778G 5G Mobile Platform
  • ==WCN3660B
  • ==Smart Audio 400 Platform
  • ==QFW7124
  • ==Robotics RB2 Platform
  • ==QCM2290
  • ==SA9000P
  • ==WCD9385
  • ==SM7675P
  • ==WCD9375
  • ==FWA Gen 3 Ultra Platform
  • ==Snapdragon 690 5G Mobile Platform
  • ==LeMansAU
  • ==QCA6698AQ
  • ==WCN6450
  • ==WCD9335
  • ==Snapdragon 782G Mobile Platform
  • ==QCA6696
  • ==SA4150P
  • ==Snapdragon 480+ 5G Mobile Platform
  • ==MDM9628
  • ==QCN9012
  • ==Snapdragon 4 Gen 1 Mobile Platform
  • ==Snapdragon 888+ 5G Mobile Platform
  • ==QAMSRV1H
  • ==SA7255P
  • ==QCA6678AQ
  • ==SA8770P
  • ==WSA8810
  • ==Robotics RB5 Platform
  • ==QCA6574A
  • ==SM7675
  • ==SM7635P
  • ==QRB5165M
  • ==QCA2066
  • ==QCN6274
  • ==Snapdragon 865+ 5G Mobile Platform
  • ==WCN3988
  • ==QAM8295P
  • ==Snapdragon X12 LTE Modem
  • ==SW5100P
  • ==Snapdragon 7s Gen 3 Mobile Platform
  • ==WSA8845
  • ==Snapdragon Auto 5G Modem-RF Gen 2
  • ==QCC710
  • ==QCN9011
  • ==SM8650Q
  • ==WCD9395
  • ==QCA8337
  • ==QCS2290
  • ==WCN3990
  • ==QCA6574
  • ==Snapdragon X75 5G Modem-RF System
  • ==QCA6391
  • ==Snapdragon 870 5G Mobile Platform
  • ==WCN6755
  • ==Snapdragon 662 Mobile Platform
  • ==WSA8832
  • ==SA8295P
  • ==WCD9340
  • ==Snapdragon 865 5G Mobile Platform
  • ==FastConnect 6800
  • ==WCN3980
  • ==SM6225P

Matching in nixpkgs

CVE-2025-47381
7.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 3 weeks ago Activity log
  • Created suggestion
Use After Free in Automotive Audio

Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs.

Affected products

Snapdragon
  • ==SA8155P
  • ==QCA6595
  • ==SA7775P
  • ==QCA9377
  • ==QCA9367
  • ==QAMSRV1H
  • ==SA7255P
  • ==SA8770P
  • ==QCA6574A
  • ==SA8195P
  • ==QCA6574AU
  • ==SA8255P
  • ==QAMSRV1M
  • ==QCA6688AQ
  • ==SRV1H
  • ==LeMans_AU_LGIT
  • ==SA6155P
  • ==QCA6574
  • ==SA9000P
  • ==SRV1M
  • ==QAM8255P
  • ==LeMansAU
  • ==SA8620P
  • ==QCA6696
  • ==QCA6595AU

Matching in nixpkgs

created 1 month, 3 weeks ago Activity log
  • Created suggestion
Exiv2: Out-of-bounds read in CrwMap::decode0x0805

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8.

Affected products

exiv2
  • ==< 0.28.8

Matching in nixpkgs

pkgs.exiv2

Library and command-line utility to manage image metadata

pkgs.gexiv2

GObject wrapper around the Exiv2 photo metadata library

CVE-2026-21853
8.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 month, 3 weeks ago Activity log
  • Created suggestion
AFFiNE: One-click Remote Code Execution through Custom URL Handling

AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedding a specially crafted affine: URL on a website. An attacker can trigger the vulnerability in two common scenarios: 1/ A victim visits a malicious website controlled by the attacker and the website redirects to the URL automatically, or 2/ A victim clicks on a crafted link embedded on a legitimate website (e.g., in user-generated content). In both cases, the browser invokes the AFFiNE custom URL handler, which launches the AFFiNE app and processes the crafted URL. This results in arbitrary code execution on the victim’s machine, without further interaction. This issue has been patched in version 0.25.4.

Affected products

AFFiNE
  • ==< 0.25.4

Matching in nixpkgs

pkgs.affine

Workspace with fully merged docs, whiteboards and databases

pkgs.python313Packages.affinegap

Cython implementation of the affine gap string distance

  • nixos-unstable 2
    • nixpkgs-unstable 2
    • nixos-unstable-small 2
  • nixos-25.11 1.12
    • nixos-25.11-small 1.12
    • nixpkgs-25.11-darwin 1.12
