NixOS is a Linux distribution built on top of the Nix package manager. It is completely declarative, its system configurations are reproducible, makes configuration changes reliable and atomic, and eliminates configuration drift.

NixOS

Homebrew is a free and open-source software package management system that simplifies the installation of software on Apple's macOS operating system and Linux. The name is intended to suggest the idea of building software on the Mac depending on the user's taste. Originally written by Max Howell, the package manager has gained popularity in the Ruby on Rails community and earned praise for its extensibility.

Homebrew

A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function AP4_DataBuffer::SetDataSize of the component Avcinfo. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212564.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-68120	MEDIUM	5.4	NixOS	go	No	Yes	Dec 30, 2025
CVE-2025-69413	MEDIUM	5.3	NixOS	code.gitea.io/gitea	No	Yes	Jan 01, 2026
CVE-2025-15412	MEDIUM	4.8	NixOS	wabt	No	No	Jan 01, 2026
CVE-2025-15411	MEDIUM	4.8	NixOS	wabt	No	No	Jan 01, 2026
CVE-2025-68932	LOW	2.9	NixOS	freshrss	No	Yes	Dec 27, 2025

CVE-2022-3785:
NixOS vulnerability analysis and mitigation

Overview

Technical details

Impact

Additional resources

7.8

Related NixOS vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2022-3785: NixOS vulnerability analysis and mitigation