CVE-2026-39860: nix vulnerability

7 documents, 5 sources
Severity
NVD: 9.0 CRITICAL
OSV: 5.9
EPSS
0.0% (top 94.43%)
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Apr 8
Latest update: Apr 9

Description

Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary overwrites of files writable by the Nix process orchestrating the builds (typically the Nix daemon running as root in multi-user installations) by following symlinks during fixed-output derivation output registration. This affects sandboxed Linux builds - sandboxed macOS builds are unaffected. The location of the temporary output used for the output copy was located inside the bui

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Exploitability: 2.5 | Impact: 5.8

Affected Packages (1)

Debian: debian/nix

🔴 Vulnerability Details (1)

OSV
CVE-2026-39860: Nix is a package manager for Linux and other Unix systems (2026-04-08)

📋 Vendor Advisories (1)

Debian
CVE-2026-39860: nix - Nix is a package manager for Linux and other Unix systems. A bug in the fix for ... (2026)

🕵️ Threat Intelligence (1)

Wiz
CVE-2026-39860 Impact, Exploitability, and Mitigation Steps | Wiz

💬 Community (3)

Bugzilla
CVE-2026-39860 nix: privilege escalation via symlink following during output registration [epel-all] (2026-04-09)
Bugzilla
CVE-2026-39860 nix: privilege escalation via symlink following during output registration [fedora-all] (2026-04-09)
Bugzilla
CVE-2026-39860 nix: privilege escalation via symlink following during output registration (2026-04-08)