Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-53819

Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available.

Published

2025-07-14T21:15:28.120

Last Modified

2025-07-15T13:14:24.053

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 7.9 (HIGH)

Weaknesses

Type: Primary
CWE-271

Affected Vendors & Products

References

https://github.com/NixOS/nix/commit/e2ef2cfcbc83ea01308ee64c38a58707ab23dec3 ([email protected])
https://github.com/NixOS/nix/pull/13281 ([email protected])
https://github.com/NixOS/nix/pull/13455 ([email protected])
https://github.com/NixOS/nix/security/advisories/GHSA-qc7j-jgf3-qmhg ([email protected])