CVE-2026-25137 — AI Deep Analysis Summary

🚨 **Essence**: Nixpkgs database manager is exposed without authentication. <br>💥 **Consequences**: Unauthorized access to the database, leading to potential data theft or system compromise.

🛡️ **CWE-552**: Files or directories accessible to the wrong actor. <br>🔍 **Flaw**: The database interface lacks proper access controls, leaving it open to the public.

📦 **Affected**: Nixpkgs versions **21.11** through **25.11** (before 26.05). <br>🏢 **Vendor**: NixOS.

🕵️ **Hackers Can**: Access the database directly. <br>🔓 **Privileges**: No authentication required. <br>📉 **Impact**: High Confidentiality (C:H) and High Availability (A:H) impact.

⚡ **Threshold**: LOW. <br>🔑 **Auth**: None required (PR:N). <br>🌐 **Access**: Network accessible (AV:N). <br>🎯 **Complexity**: Low (AC:L).

🚫 **Public Exploit**: No PoC provided in data. <br>📉 **Wild Exploitation**: Unlikely immediate widespread abuse, but easy to exploit manually.

🔍 **Self-Check**: Scan for exposed Nixpkgs database ports/interfaces. <br>🛡️ **Verify**: Ensure no public access to the database manager endpoint.

✅ **Fixed**: Yes. <br>🔗 **Patch**: See GitHub Advisory [GHSA-cwmq-6wv5-f3px](https://github.com/NixOS/nixpkgs/security/advisories/GHSA-cwmq-6wv5-f3px). <br>📝 **PRs**: #485310, #485454.

🛡️ **Workaround**: Restrict network access to the database manager. <br>🔒 **Mitigation**: Implement authentication if immediate patching isn't possible.

🔥 **Urgency**: HIGH. <br>⚠️ **Reason**: CVSS Score indicates Critical impact (High Conf/Avail) with no auth needed. Patch immediately!