NixOS is a Linux distribution built on top of the Nix package manager. It is completely declarative, its system configurations are reproducible, makes configuration changes reliable and atomic, and eliminates configuration drift.

NixOS

Line is a popular communication app originating from Japan that offers free texting, voice and video calls, as well as chat communities, social networking features, and a wide range of stickers and emoticons. It provides a platform for secure and convenient communication in both personal and professional contexts. Additional features include a timeline to share moments, ability to follow official accounts for special coupons and updates, and the availability of games, shopping, and more within the app.

Line

LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app browser where the full-screen security Toast notification is not properly re-displayed when users return from another application, potentially allowing attackers to conduct phishing attacks by impersonating legitimate interfaces.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-14022	MEDIUM	6.8	NixOS	line	No	Yes	Dec 15, 2025
CVE-2025-67734	MEDIUM	5.1	NixOS	learning	No	Yes	Dec 12, 2025
CVE-2025-14023	MEDIUM	4.3	NixOS	line	No	Yes	Dec 15, 2025
CVE-2025-14021	MEDIUM	4.3	NixOS	cpe:2.3:a:linecorp:line	No	Yes	Dec 15, 2025
CVE-2025-14020	MEDIUM	4.3	NixOS	line	No	Yes	Dec 15, 2025

CVE-2025-14020:
NixOS vulnerability analysis and mitigation

4.3

Related NixOS vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-14020: NixOS vulnerability analysis and mitigation