
6 matches found

Cvelist
added 2026/02/09 8:17 p.m. | 23 views

CVE-2026-25740 Privilege escalation to the `CAP_NET_RAW` capability via the `programs.captive-browser` NixOS module

Captive browser is a dedicated Chrome instance to log into captive portals without messing with DNS settings. In 25.05 and earlier, when `programs.captive-browser` is enabled, any user of the system can run arbitrary commands with the `CAP_NET_RAW` capability, binding to privileged ports, spoofing localho...

CVSS: 5.8 | EPSS: 0.00007
Exploits: 0 | References: 3
CVE
added 2026/01/19 6:14 p.m. | 21 views

CVE-2026-23838

CVE-2026-23838 affects Tandoor Recipes when installed via Nix and using the default configuration with SQLite and default MEDIA_ROOT. Versions 23.05 through 26.04 (prior to 26.05) are vulnerable because the NixOS module sets the working directory and MEDIA_ROOT to /var/lib/tandoor-recipes, causin...

CVSS: 8.7 | AI score: 5.6 | EPSS: 0.00164
Exploits: 0 | References: 4
Cvelist
added 2026/01/19 6:14 p.m. | 9 views

CVE-2026-23838 Tandoor Recipes module allows SQLite database to be externally accessible with the default settings

Tandoor Recipes is a recipe manager that can be installed with the Nix package manager. Starting in version 23.05 and prior to version 26.05, when using the default configuration of Tandoor Recipes, specifically using SQLite and default MEDIA_ROOT, the full database file may be externally...

CVSS: 8.7 | EPSS: 0.00164
Exploits: 0 | References: 4
Vulnrichment
added 2026/01/19 6:14 p.m. | 1 views

CVE-2026-23838 Tandoor Recipes module allows SQLite database to be externally accessible with the default settings

Tandoor Recipes is a recipe manager that can be installed with the Nix package manager. Starting in version 23.05 and prior to version 26.05, when using the default configuration of Tandoor Recipes, specifically using SQLite and default MEDIA_ROOT, the full database file may be externally...

CVSS: 8.7 | AI score: 5.6 | EPSS: 0.00164
Exploits: 0 | References: 4
Vulnrichment
added 2025/11/17 9:38 p.m. | 3 views

CVE-2025-64766 NixOS has hardcoded credentials in Onlyoffice module

NixOS's Onlyoffice is a software suite that offers online and offline tools for document editing, collaboration, and management. In versions from 22.11 to before 25.05 and versions before Unstable 25.11, a hard-coded secret was used in the NixOS module for the OnlyOffice document server to protec...

CVSS: 5.3 | AI score: 6.4 | EPSS: 0.00049
Exploits: 0 | References: 5
Positive Technologies
added 2025/11/17 12:0 a.m. | 2 views

PT-2025-47210

Name of the Vulnerable Software and Affected Versions: Onlyoffice versions 22.11 through 25.05; Onlyoffice versions prior to Unstable 25.11.

Description: Onlyoffice is a software suite providing tools for document editing, collaboration, and management. A hard-coded secret within the NixOS module for...

CVSS: 5.3 | AI score: 6.6 | EPSS: 0.00049
Exploits: 0 | References: 9