NixOS is a Linux distribution built on top of the Nix package manager. It is completely declarative, its system configurations are reproducible, makes configuration changes reliable and atomic, and eliminates configuration drift.

NixOS

Homebrew is a free and open-source software package management system that simplifies the installation of software on Apple's macOS operating system and Linux. The name is intended to suggest the idea of building software on the Mac depending on the user's taste. Originally written by Max Howell, the package manager has gained popularity in the Ruby on Rails community and earned praise for its extensibility.

Homebrew

n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the GraphQL endpoint does not apply proper filtering, leading to an authorization bypass.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-24660	CRITICAL	9.8	NixOS	LibRaw-static	No	Yes	Apr 07, 2026
CVE-2026-24450	CRITICAL	9.8	NixOS	LibRaw-devel	No	Yes	Apr 07, 2026
CVE-2026-21413	CRITICAL	9.8	NixOS	LibRaw-devel	No	Yes	Apr 07, 2026
CVE-2026-39883	HIGH	7.3	Packer	thanos	No	Yes	Apr 08, 2026
CVE-2026-39882	MEDIUM	5.3	Prometheus	frankenphp-8.3	No	Yes	Apr 08, 2026

CVE-2025-9572:
NixOS vulnerability analysis and mitigation

6.5

Related NixOS vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-9572: NixOS vulnerability analysis and mitigation