CVE-2026-39860 | NixOS nix up to 2.34.4 on Linux symlink (GHSA-g3g9-5vj6-r3gj)
A vulnerability labeled as critical has been found in NixOS nix up to 2.34.4 on Linux. This impacts an unknown function. Executing a manipulation can lead to symlink following.
The identification of this vulnerability is CVE-2026-39860. The attack can only be executed locally. There is no exploit available.
The affected component should be upgraded.