NixOS is a Linux distribution built on top of the Nix package manager. It is completely declarative, its system configurations are reproducible, makes configuration changes reliable and atomic, and eliminates configuration drift.

NixOS

Wolfi is a community Linux OS designed for the container and cloud-native era; it is a Linux distribution based on Alpine.

Wolfi

Chainguard is a Linux distribution based on Alpine. It's the commercial version of the Wolfi distro.

Chainguard

Homebrew is a free and open-source software package management system that simplifies the installation of software on Apple's macOS operating system and Linux. The name is intended to suggest the idea of building software on the Mac depending on the user's taste. Originally written by Max Howell, the package manager has gained popularity in the Ruby on Rails community and earned praise for its extensibility.

Homebrew

Alpine Linux is a Linux distribution based on musl and BusyBox, designed for security, simplicity, and resource efficiency.

Linux Alpine

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forward_auth copy_headers does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-21010	HIGH	7.8	NixOS	android	No	No	Apr 13, 2026
CVE-2026-21012	MEDIUM	6.8	NixOS	android	No	No	Apr 13, 2026
CVE-2026-21011	MEDIUM	5.4	NixOS	android	No	No	Apr 13, 2026
CVE-2026-21008	MEDIUM	5.1	NixOS	android	No	No	Apr 13, 2026
CVE-2026-21007	MEDIUM	4.4	NixOS	android	No	No	Apr 13, 2026

CVE-2026-30851:
NixOS vulnerability analysis and mitigation

8.8

Related NixOS vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2026-30851: NixOS vulnerability analysis and mitigation