NixOS is a Linux distribution built on top of the Nix package manager. It is completely declarative, its system configurations are reproducible, makes configuration changes reliable and atomic, and eliminates configuration drift.

NixOS

Debian GNU/Linux is a Linux distribution composed of free and open-source software.

Linux Debian

Red Hat Enterprise Linux is a Linux distribution developed by Red Hat for the commercial market.

Linux Red Hat

Alpine Linux is a Linux distribution based on musl and BusyBox, designed for security, simplicity, and resource efficiency.

Linux Alpine

Echo is a secure, minimal Linux OS built vulnerability-free. It is fully compatible across environments and continuously patched - making it a clean, dependable base layer for modern applications. Echo is used by organizations focused on security and reliability, including those with compliance or FIPS requirements.

Echo

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in 1.4.0.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-2370	HIGH	8.8	GitLab	gitlab	No	Yes	Mar 30, 2026
CVE-2026-33206	HIGH	8.2	NixOS	calibre	No	Yes	Mar 27, 2026
CVE-2026-33868	MEDIUM	6.1	NixOS	mastodon	No	Yes	Mar 27, 2026
CVE-2026-33869	MEDIUM	4.8	NixOS	cpe:2.3:a:joinmastodon:mastodon	No	Yes	Mar 27, 2026
CVE-2026-33205	MEDIUM	4.8	NixOS	cpe:2.3:a:calibre-ebook:calibre	No	Yes	Mar 27, 2026

CVE-2026-32239:
NixOS vulnerability analysis and mitigation

6.3

Related NixOS vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2026-32239: NixOS vulnerability analysis and mitigation