EUVD-2026-20626

🗓️ 08 Apr 2026 20:58:22Reported by EUVDType

Nix fixed-output bug allowed root overwrites via symlinks in multi-user Linux builds; fixed.

Reporter	Title	Published	Views	Family All 50
AlpineLinux	CVE-2024-27297	11 Mar 202421:24	–	alpinelinux
BDU FSTEC	The vulnerability of the Nix package manager in Unix operating systems, related to synchronization errors when using shared resources, allows a perpetrator to modify the output of package processes in the Nix store.	6 Apr 202400:00	–	bdu_fstec
Circl	CVE-2024-27297	11 Mar 202423:27	–	circl
Circl	CVE-2026-39860	8 Apr 202623:36	–	circl
CNNVD	Nix Security Vulnerabilities	11 Mar 202400:00	–	cnnvd
CNNVD	Nix 安全漏洞	8 Apr 202600:00	–	cnnvd
CVE	CVE-2024-27297	11 Mar 202421:24	–	cve
CVE	CVE-2026-39860	8 Apr 202620:58	–	cve
Cvelist	CVE-2024-27297 Nix Corruption of fixed-output derivations	11 Mar 202421:24	–	cvelist
Cvelist	CVE-2026-39860 Nix sandbox escape: file write via symlink at FOD `.tmp` copy destination	8 Apr 202620:58	–	cvelist

[
  {
    "enisaIdVendor": [
      {
        "id": "077c1052-4392-38f4-9f08-a252cb3088a7",
        "vendor": {
          "name": "NixOS"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "471f335a-23e5-3aab-bd82-b3553f2130e1",
        "product": {
          "name": "nix"
        },
        "product_version": "2.32.0, < 2.32.7"
      },
      {
        "id": "4bf19f48-510b-3ada-8f8a-19d80bde5ec9",
        "product": {
          "name": "nix"
        },
        "product_version": "2.18.2, ≤ 2.18.9"
      },
      {
        "id": "5455e2c3-0be9-3a39-be79-2c31755cd350",
        "product": {
          "name": "nix"
        },
        "product_version": "2.31.0, < 2.31.4"
      },
      {
        "id": "5e47726d-0df8-3463-8bbc-5016c685c1ba",
        "product": {
          "name": "nix"
        },
        "product_version": "2.33.0, < 2.33.4"
      },
      {
        "id": "75d57c7c-5f09-3e60-ba68-8e452ba84466",
        "product": {
          "name": "nix"
        },
        "product_version": "2.30.0, < 2.30.4"
      },
      {
        "id": "8937f8a1-168c-38a6-9c7b-2687b5c1b608",
        "product": {
          "name": "nix"
        },
        "product_version": "2.19.4, ≤ 2.19.7"
      },
      {
        "id": "c1f27128-2699-3c2b-a90a-79073ebb24b5",
        "product": {
          "name": "nix"
        },
        "product_version": "2.21, < 2.28.6"
      },
      {
        "id": "e8af8e11-e163-3545-aed4-b344e7df6e86",
        "product": {
          "name": "nix"
        },
        "product_version": "2.20.5, ≤ 2.20.9"
      },
      {
        "id": "f54bf767-0dc0-3c1b-8c0b-4d80cae8639a",
        "product": {
          "name": "nix"
        },
        "product_version": "2.34.0, < 2.34.5"
      },
      {
        "id": "f68c054e-eda4-36b4-bd68-e43a32c52cc8",
        "product": {
          "name": "nix"
        },
        "product_version": "2.29.0, < 2.29.3"
      }
    ]
  }
]

Source	Link
github	www.github.com/NixOS/nix/security/advisories/GHSA-g3g9-5vj6-r3gj
github	www.github.com/NixOS/nix/pull/10178
github	www.github.com/NixOS/nix/commit/244f3eee0bbc7f11e9b383a15ed7368e2c4becc9
github	www.github.com/NixOS/nix/commit/4bc5a3510fa3735798f9ed3a2a30a3ea7b32343a
github	www.github.com/NixOS/nix/commit/7794354a982449927ee7401cdeb573ddd16c4688
github	www.github.com/NixOS/nix/commit/a3163b9eabb952b4aa96e376dea95ebcca97b31a

08 Apr 2026 20:58Current

6Medium risk

Vulners AI Score6

CVSS 3.15.9 - 9

EPSS0.00062

SSVC