Nixpkgs security tracker

Permalink CVE-2026-5740

7.5 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): High (H)

created 1 week, 3 days ago Activity log

Created suggestion 1 week, 3 days ago

Unauthenticated WebSocket binary frame causes denial of service in Mattermost Server

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to properly validate msgpack-encoded WebSocket frames before memory allocation which allows an unauthenticated remote attacker to crash the server process and cause a full service outage for all users via a crafted binary WebSocket message sent to the public WebSocket endpoint.. Mattermost Advisory ID: MMSA-2026-00647

References

MMSA-2026-00647 vendor-advisory

Affected products

Mattermost

==11.4.5
==10.11.15
==11.7.0
=<11.6.0
=<11.5.3
=<11.4.4
==11.5.4
==11.6.1
=<10.11.14

Matching in nixpkgs

pkgs.mattermost

Open source platform for secure collaboration across the entire software development lifecycle

nixos-unstable 11.6.1
- nixpkgs-unstable 11.6.1
- nixos-unstable-small 11.6.1
nixos-25.11 10.11.15
- nixos-25.11-small 10.11.15
- nixpkgs-25.11-darwin 10.11.15

pkgs.mattermostLatest

Open source platform for secure collaboration across the entire software development lifecycle

nixos-unstable 11.6.1
- nixpkgs-unstable 11.6.1
- nixos-unstable-small 11.6.1
nixos-25.11 11.5.3
- nixos-25.11-small 11.5.3
- nixpkgs-25.11-darwin 11.5.3

pkgs.mattermost-desktop

Mattermost Desktop client

nixos-unstable 6.1.2
- nixpkgs-unstable 6.1.2
- nixos-unstable-small 6.1.2
nixos-25.11 6.1.2
- nixos-25.11-small 6.1.2
- nixpkgs-25.11-darwin 6.1.2

pkgs.python312Packages.mattermostdriver

Python Mattermost Driver

nixos-25.11 7.3.2
- nixos-25.11-small 7.3.2
- nixpkgs-25.11-darwin 7.3.2

pkgs.python313Packages.mattermostdriver

Python Mattermost Driver

nixos-unstable 7.3.2
- nixpkgs-unstable 7.3.2
- nixos-unstable-small 7.3.2
nixos-25.11 7.3.2
- nixos-25.11-small 7.3.2
- nixpkgs-25.11-darwin 7.3.2

pkgs.python314Packages.mattermostdriver

Python Mattermost Driver

nixos-unstable 7.3.2
- nixpkgs-unstable 7.3.2
- nixos-unstable-small 7.3.2

Package maintainers

@mgdelacroix Miguel de la Cruz <mgdelacroix@gmail.com>
@ryantm Ryan Mulligan <ryan@ryantm.com>
@numinit Morgan Jones <me+nixpkgs@numin.it>
@liff Olli Helenius <liff@iki.fi>
@yayayayaka Yaya <github@uwu.is>
@jokogr Ioannis Koutras <ioannis.koutras@gmail.com>
@globin Robin Gloster <mail@glob.in>

Permalink CVE-2026-44048

8.8 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 1 week, 4 days ago Activity log

Created suggestion 1 week, 4 days ago

Stack buffer overflow via UCS-2 type confusion in convert_charset()

A stack-based buffer overflow via UCS-2 type confusion in convert_charset() in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service.

References

Netatalk Security Advisory CVE-2026-44048 vendor-advisory

Affected products

Netatalk

=<4.4.2
==4.4.3

Matching in nixpkgs

pkgs.netatalk

Apple Filing Protocol Server

nixos-unstable 4.4.2
- nixpkgs-unstable 4.4.3
- nixos-unstable-small 4.4.3
nixos-25.11 4.2.4
- nixos-25.11-small 4.2.4
- nixpkgs-25.11-darwin 4.2.4

Package maintainers

@erichelgeson Eric Helgeson <erichelgeson@gmail.com>
@jcumming Jack Cummings <jack@mudshark.org>

Permalink CVE-2026-44051

8.1 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): None (N)

created 1 week, 4 days ago Activity log

Created suggestion 1 week, 4 days ago

Arbitrary file read via attacker-controlled symlink creation

An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote authenticated attacker to read arbitrary files or overwrite arbitrary files via attacker-controlled symlink creation.

References

Netatalk Security Advisory CVE-2026-44051 vendor-advisory

Affected products

Netatalk

=<4.4.2
==4.4.3

Matching in nixpkgs

pkgs.netatalk

Apple Filing Protocol Server

nixos-unstable 4.4.2
- nixpkgs-unstable 4.4.3
- nixos-unstable-small 4.4.3
nixos-25.11 4.2.4
- nixos-25.11-small 4.2.4
- nixpkgs-25.11-darwin 4.2.4

Package maintainers

@erichelgeson Eric Helgeson <erichelgeson@gmail.com>
@jcumming Jack Cummings <jack@mudshark.org>

Permalink CVE-2026-44054

6.5 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): High (H)

created 1 week, 4 days ago Activity log

Created suggestion 1 week, 4 days ago

Predictable afpd session token

Netatalk 2.0.0 through 4.4.2 generates AFP session tokens derived from predictable process IDs, which allows a remote authenticated attacker to cause a denial of service by exploiting the reconnect mechanism.

References

Netatalk Security Advisory CVE-2026-44054 vendor-advisory

Affected products

Netatalk

=<4.4.2
==4.4.3

Matching in nixpkgs

pkgs.netatalk

Apple Filing Protocol Server

nixos-unstable 4.4.2
- nixpkgs-unstable 4.4.3
- nixos-unstable-small 4.4.3
nixos-25.11 4.2.4
- nixos-25.11-small 4.2.4
- nixpkgs-25.11-darwin 4.2.4

Package maintainers

@erichelgeson Eric Helgeson <erichelgeson@gmail.com>
@jcumming Jack Cummings <jack@mudshark.org>

Permalink CVE-2026-7837

3.7 LOW

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): High (H)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): Low (L)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): Low (L)
Modified Availability (MA): None (N)

created 1 week, 4 days ago Activity log

Created suggestion 1 week, 4 days ago

TOCTOU with root privilege in ad_flush

A time-of-check time-of-use (TOCTOU) condition in the ad_flush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote attacker to cause limited data modification under specific race conditions.

References

Netatalk Security Advisory CVE-2026-7837 vendor-advisory

Affected products

Netatalk

=<4.4.2
==4.5.0

Matching in nixpkgs

pkgs.netatalk

Apple Filing Protocol Server

nixos-unstable 4.4.2
- nixpkgs-unstable 4.4.3
- nixos-unstable-small 4.4.3
nixos-25.11 4.2.4
- nixos-25.11-small 4.2.4
- nixpkgs-25.11-darwin 4.2.4

Package maintainers

@erichelgeson Eric Helgeson <erichelgeson@gmail.com>
@jcumming Jack Cummings <jack@mudshark.org>

Permalink CVE-2026-44064

7.1 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Adjacent (A)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): Low (L)
Integrity (I): None (N)
Availability (A): High (H)
Modified Attack Vector (MAV): Adjacent (A)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): Low (L)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): High (H)

created 1 week, 4 days ago Activity log

Created suggestion 1 week, 4 days ago

ASP session ID out-of-bounds access

An out-of-bounds read in ASP session ID handling in Netatalk 1.3 through 4.4.2 allows an adjacent network attacker to obtain limited information or cause a denial of service via a crafted ASP request.

References

Netatalk Security Advisory CVE-2026-44064 vendor-advisory

Affected products

Netatalk

=<4.4.2
==4.4.3

Matching in nixpkgs

pkgs.netatalk

Apple Filing Protocol Server

nixos-unstable 4.4.2
- nixpkgs-unstable 4.4.3
- nixos-unstable-small 4.4.3
nixos-25.11 4.2.4
- nixos-25.11-small 4.2.4
- nixpkgs-25.11-darwin 4.2.4

Package maintainers

@erichelgeson Eric Helgeson <erichelgeson@gmail.com>
@jcumming Jack Cummings <jack@mudshark.org>

Permalink CVE-2026-44065

4.2 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Adjacent (A)
Attack Complexity (AC): High (H)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): Low (L)
Availability (A): Low (L)
Modified Attack Vector (MAV): Adjacent (A)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): Low (L)
Modified Availability (MA): Low (L)

created 1 week, 4 days ago Activity log

Created suggestion 1 week, 4 days ago

Off-by-two in papd lp_write()

An off-by-two error in lp_write() in papd in Netatalk 2.0.0 through 4.4.2 allows an adjacent network attacker to modify limited data or cause a minor service disruption via crafted print data.

References

Netatalk Security Advisory CVE-2026-44065 vendor-advisory

Affected products

Netatalk

=<4.4.2
==4.5.0

Matching in nixpkgs

pkgs.netatalk

Apple Filing Protocol Server

nixos-unstable 4.4.2
- nixpkgs-unstable 4.4.3
- nixos-unstable-small 4.4.3
nixos-25.11 4.2.4
- nixos-25.11-small 4.2.4
- nixpkgs-25.11-darwin 4.2.4

Package maintainers

@erichelgeson Eric Helgeson <erichelgeson@gmail.com>
@jcumming Jack Cummings <jack@mudshark.org>

Permalink CVE-2026-44060

7.5 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): High (H)

created 1 week, 4 days ago Activity log

Created suggestion 1 week, 4 days ago

Integer underflow in dsi_writeinit() leads to denial of service

An integer underflow in dsi_writeinit() in Netatalk 1.5.0 through 4.4.2 allows a remote unauthenticated attacker to cause a denial of service via a crafted DSI write request.

References

Netatalk Security Advisory CVE-2026-44060 vendor-advisory

Affected products

Netatalk

=<4.4.2
==4.4.3

Matching in nixpkgs

pkgs.netatalk

Apple Filing Protocol Server

nixos-unstable 4.4.2
- nixpkgs-unstable 4.4.3
- nixos-unstable-small 4.4.3
nixos-25.11 4.2.4
- nixos-25.11-small 4.2.4
- nixpkgs-25.11-darwin 4.2.4

Package maintainers

@erichelgeson Eric Helgeson <erichelgeson@gmail.com>
@jcumming Jack Cummings <jack@mudshark.org>

Permalink CVE-2026-4858

8.0 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): High (H)
Privileges Required (PR): Low (L)
User Interaction (UI): Required (R)
Scope (S): Changed (C)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): High (H)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Changed (C)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 1 week, 4 days ago Activity log

Created suggestion 1 week, 4 days ago

Path traversal in integration action URL leading to arbitrary API execution via system admin’s auth token.

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to check integration URL for path traversal which allows an malicious authenticated user to call an arbitrary API via system admin Mattermost auth token using via path traversal in integration action URL.. Mattermost Advisory ID: MMSA-2026-00640

References

MMSA-2026-00640 vendor-advisory

Affected products

Mattermost

=<11.4.4
=<10.11.14
=<11.6.0
==10.11.15
==11.6.1
=<11.5.3
==11.5.4
==11.7.0
==11.4.5

Matching in nixpkgs

pkgs.mattermost

Open source platform for secure collaboration across the entire software development lifecycle

nixos-unstable 11.6.1
- nixpkgs-unstable 11.6.1
- nixos-unstable-small 11.6.1
nixos-25.11 10.11.15
- nixos-25.11-small 10.11.15
- nixpkgs-25.11-darwin 10.11.15

pkgs.mattermostLatest

Open source platform for secure collaboration across the entire software development lifecycle

nixos-unstable 11.6.1
- nixpkgs-unstable 11.6.1
- nixos-unstable-small 11.6.1
nixos-25.11 11.5.3
- nixos-25.11-small 11.5.3
- nixpkgs-25.11-darwin 11.5.3

pkgs.mattermost-desktop

Mattermost Desktop client

nixos-unstable 6.1.2
- nixpkgs-unstable 6.1.2
- nixos-unstable-small 6.1.2
nixos-25.11 6.1.2
- nixos-25.11-small 6.1.2
- nixpkgs-25.11-darwin 6.1.2

pkgs.python312Packages.mattermostdriver

Python Mattermost Driver

nixos-25.11 7.3.2
- nixos-25.11-small 7.3.2
- nixpkgs-25.11-darwin 7.3.2

pkgs.python313Packages.mattermostdriver

Python Mattermost Driver

nixos-unstable 7.3.2
- nixpkgs-unstable 7.3.2
- nixos-unstable-small 7.3.2
nixos-25.11 7.3.2
- nixos-25.11-small 7.3.2
- nixpkgs-25.11-darwin 7.3.2

pkgs.python314Packages.mattermostdriver

Python Mattermost Driver

nixos-unstable 7.3.2
- nixpkgs-unstable 7.3.2
- nixos-unstable-small 7.3.2

Package maintainers

@mgdelacroix Miguel de la Cruz <mgdelacroix@gmail.com>
@ryantm Ryan Mulligan <ryan@ryantm.com>
@numinit Morgan Jones <me+nixpkgs@numin.it>
@liff Olli Helenius <liff@iki.fi>
@yayayayaka Yaya <github@uwu.is>
@jokogr Ioannis Koutras <ioannis.koutras@gmail.com>
@globin Robin Gloster <mail@glob.in>

Permalink CVE-2026-44050

9.9 CRITICAL

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Changed (C)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): Low (L)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Changed (C)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

created 1 week, 4 days ago Activity log

Created suggestion 1 week, 4 days ago

Heap buffer overflow in CNID daemon comm_rcv()

A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code with escalated privileges or cause a denial of service.

References

Netatalk Security Advisory CVE-2026-44050 vendor-advisory

Affected products

Netatalk

=<4.4.2
==4.4.3

Matching in nixpkgs

pkgs.netatalk

Apple Filing Protocol Server

nixos-unstable 4.4.2
- nixpkgs-unstable 4.4.3
- nixos-unstable-small 4.4.3
nixos-25.11 4.2.4
- nixos-25.11-small 4.2.4
- nixpkgs-25.11-darwin 4.2.4

Package maintainers

@erichelgeson Eric Helgeson <erichelgeson@gmail.com>
@jcumming Jack Cummings <jack@mudshark.org>

Automatically generated suggestions

References

Affected products

Matching in nixpkgs

pkgs.mattermost

pkgs.mattermostLatest

pkgs.mattermost-desktop

pkgs.python312Packages.mattermostdriver

pkgs.python313Packages.mattermostdriver

pkgs.python314Packages.mattermostdriver

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.netatalk

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.netatalk

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.netatalk

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.netatalk

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.netatalk

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.netatalk

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.netatalk

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.mattermost

pkgs.mattermostLatest

pkgs.mattermost-desktop

pkgs.python312Packages.mattermostdriver

pkgs.python313Packages.mattermostdriver

pkgs.python314Packages.mattermostdriver

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.netatalk

Package maintainers