Nixos Nixpkgs
5 CVEs affecting Nixos Nixpkgs. Latest disclosed: 2026-02-09. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-25137 | Critical | 9.1 | 2026-02-02 | The NixOs Odoo package is an open source ERP and CRM system. From 21.11 to before 25.11 and 26.05, every NixOS based Odoo setup publicly exposes the database m… |
CVE-2025-32438 | High | 8.8 | 2025-04-15 | make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable e… |
CVE-2025-64766 | Medium | 5.3 | 2025-11-17 | NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to befo… |
CVE-2026-25740 | | 2026-02-09 | captive browser, a dedicated Chrome instance to log into captive portals without messing with DNS settings. In 25.05 and earlier, when programs.captive-browser… | |
CVE-2026-23838 | | 2026-01-19 | Tandoor Recipes is a recipe manager than can be installed with the Nix package manager. Starting in version 23.05 and prior to version 26.05, when using the de… |