What is CVE-2025-53819?

CVE-2025-53819 is a high-severity vulnerability in Nixos Nix, classified under Privilege Dropping / Lowering Errors. CVSS score: 7.9/10. Published 2025-07-14.

How severe is CVE-2025-53819?

High severity. CVSS v3 base score is 7.9 out of 10.

Vulnerability in Nixos Nix

CVE-2025-53819

Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available.

EPSS: 0.001 (22.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.9 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L.

Affected products

Nixos Nix — versions = 2.30.0

Weakness classification (CWE)

CWE-271 — Privilege Dropping / Lowering Errors

References

https://github.com/NixOS/nix/security/advisories/GHSA-qc7j-jgf3-qmhg (x_refsource_CONFIRM)
https://github.com/NixOS/nix/pull/13281 (x_refsource_MISC)
https://github.com/NixOS/nix/pull/13455 (x_refsource_MISC)
https://github.com/NixOS/nix/commit/e2ef2cfcbc83ea01308ee64c38a58707ab23dec3 (x_refsource_MISC)

Frequently asked questions

What is CVE-2025-53819?: CVE-2025-53819 is a high-severity vulnerability in Nixos Nix, classified under Privilege Dropping / Lowering Errors. CVSS score: 7.9/10. Published 2025-07-14.
How severe is CVE-2025-53819?: High severity. CVSS v3 base score is 7.9 out of 10.