NixOS is a Linux distribution built on top of the Nix package manager. It is completely declarative, its system configurations are reproducible, makes configuration changes reliable and atomic, and eliminates configuration drift.

NixOS

Firefox is a free and open-source web browser developed by the Mozilla Foundation.

Mozilla Firefox

Mozilla Thunderbird is a free, open-source, cross-platform application for managing email, news feeds, chat, and newsgroups.

Mozilla Thunderbird

Homebrew is a free and open-source software package management system that simplifies the installation of software on Apple's macOS operating system and Linux. The name is intended to suggest the idea of building software on the Mac depending on the user's taste. Originally written by Max Howell, the package manager has gained popularity in the Ruby on Rails community and earned praise for its extensibility.

Homebrew

Ubuntu is a Linux distribution based on Debian, mostly composed of free and open-source software. Ubuntu is officially released in three editions: Desktop, Server, and Core for internet of things devices and robots. All the editions can run on the computer alone or in a virtual machine.

Linux Ubuntu

Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 149.0.2 and Thunderbird < 149.0.2.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-5735	CRITICAL	9.8	NixOS	firefox	No	Yes	Apr 07, 2026
CVE-2026-5734	CRITICAL	9.8	NixOS	cpe:2.3:a:mozilla:firefox:::::esr:::*	No	Yes	Apr 07, 2026
CVE-2026-5733	HIGH	8.8	NixOS	cpe:2.3:a:mozilla:firefox	No	Yes	Apr 07, 2026
CVE-2026-5732	HIGH	8.8	NixOS	cpe:2.3:a:mozilla:thunderbird	No	Yes	Apr 07, 2026
CVE-2026-34589	HIGH	8.4	Python	OpenEXR	No	Yes	Apr 06, 2026

CVE-2026-5733:
NixOS vulnerability analysis and mitigation

8.8

Related NixOS vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2026-5733: NixOS vulnerability analysis and mitigation