CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

SUSE CVE•added 2026/04/10 11:25 p.m.•4 views

SUSE CVE-2026-39860

Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary overwrites of files writable by the Nix process orchestrating the builds typically the Nix daemon running as root in multi-user installations by following symlinks during...

9CVSS5.9AI score0.00193EPSS

Exploits0References3

Cvelist•added 2026/04/08 8:58 p.m.•16 views

CVE-2026-39860 Nix sandbox escape: file write via symlink at FOD `.tmp` copy destination

9CVSS0.00193EPSS

Exploits0References6

Vulnrichment•added 2026/04/08 8:58 p.m.•2 views

CVE-2026-39860 Nix sandbox escape: file write via symlink at FOD `.tmp` copy destination

9CVSS6.7AI score0.00193EPSS

Exploits0References6

EUVD•added 2026/04/08 8:58 p.m.•3 views

EUVD-2026-20626

9CVSS6AI score0.00586EPSS

Exploits1References6

CVE•added 2026/04/08 8:58 p.m.•37 views

CVE-2026-39860

CVE-2026-39860 affects Nix, via a bug in the fix for CVE-2024-27297 that allowed arbitrary overwrites of files writable by the Nix build orchestrator (typically the root-running Nix daemon in multi-user setups) by following symlinks during fixed-output derivation output registration. Impact is li...

9CVSS6AI score0.00193EPSS

Exploits0References6Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-24524

Malicious code in bioql PyPI...

6.3CVSS6.4AI score0.00586EPSS

Exploits1References3

RedhatCVE•added 2025/05/23 8:10 a.m.•5 views

CVE-2024-27297

Nix is a package manager for Linux and other Unix systems. A fixed-output derivations on Linux can send file descriptors to files in the Nix store to another program running on the host or another fixed-output derivation via Unix domain sockets in the abstract namespace. This allows to modify the...

6.3CVSS6.5AI score0.00586EPSS

Exploits1References1

OSV•added 2024/03/11 10:15 p.m.•3 views

DEBIAN-CVE-2024-27297

5.9CVSS6.2AI score0.00586EPSS

Exploits1References1

NVD•added 2024/03/11 10:15 p.m.•11 views

CVE-2024-27297

6.3CVSS6.2AI score0.00586EPSS

Exploits1References4

UbuntuCve•added 2024/03/11 10:15 p.m.•20 views

CVE-2024-27297

6.3CVSS6.4AI score0.00586EPSS

Exploits1References7

Prion•added 2024/03/11 10:15 p.m.•30 views

Design/Logic Flaw

4.1CVSS6.2AI score0.00586EPSS

Exploits1References3

OSV•added 2024/03/11 10:15 p.m.•0 views

UBUNTU-CVE-2024-27297

6.3CVSS5.8AI score0.00586EPSS

Exploits1References8

Debian CVE•added 2024/03/11 9:24 p.m.•20 views

CVE-2024-27297

6.3CVSS6.2AI score0.00586EPSS

Exploits1

Vulnrichment•added 2024/03/11 9:24 p.m.•17 views

CVE-2024-27297 Nix Corruption of fixed-output derivations

6.3CVSS6.5AI score0.00586EPSS

Exploits1References3

Cvelist•added 2024/03/11 9:24 p.m.•16 views

CVE-2024-27297 Nix Corruption of fixed-output derivations

6.3CVSS6.4AI score0.00586EPSS

Exploits1References3

OSV•added 2024/03/11 9:24 p.m.•19 views

CVE-2024-27297 Nix Corruption of fixed-output derivations

6.3CVSS6.2AI score0.00586EPSS

Exploits1References6

CNNVD•added 2024/03/11 12:0 a.m.•4 views

Nix Security Vulnerabilities

Nix is a powerful package manager from Nix open source. It is used for making packages. A security vulnerability exists in Nix 2.20.3 and earlier versions, which stems from the fact that a fixed-output derivation on Linux can send a file descriptor from Nix storage to another program running on t...

6.3CVSS6.7AI score0.00586EPSS

Exploits1References4

Positive Technologies•added 2024/03/07 12:0 a.m.•4 views

PT-2024-2626

Name of the Vulnerable Software and Affected Versions Nix versions prior to 2.3.18 Nix versions prior to 2.18.2 Nix versions prior to 2.19.4 Nix versions prior to 2.20.5 Description The issue is related to errors in synchronization when using a shared resource in the Nix package manager for Unix...

9CVSS6.7AI score0.00586EPSS

Exploits1References27

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by