Aggregator

CVE-2026-30783 | rustdesk-client RustDesk Client up to 1.4.5 rendezvous_mediator.Rs client-side enforcement of server-side security

1 month 3 weeks ago

A vulnerability was found in rustdesk-client RustDesk Client up to 1.4.5. It has been declared as critical. This affects an unknown part of the file src/rendezvous_mediator.Rs. Such manipulation leads to client-side enforcement of server-side security. This vulnerability is listed as CVE-2026-30783. The attack may be performed from remote. There is no available exploit.

vuldb.com

CVE-2026-30798 | rustdesk-client RustDesk Client up to 1.4.5 src/hbbs_http/sync.Rs data authenticity

VulDB Recent Entries

1 month 3 weeks ago

A vulnerability was found in rustdesk-client RustDesk Client up to 1.4.5. It has been classified as problematic. Affected by this issue is some unknown functionality of the file src/hbbs_http/sync.Rs. This manipulation causes insufficient verification of data authenticity. This vulnerability is tracked as CVE-2026-30798. The attack is possible to be carried out remotely. No exploit exists.

vuldb.com

CVE-2026-30797 | rustdesk-client RustDesk Client up to 1.4.5 URI flutter/lib/common.Dart importConfig authorization

VulDB Recent Entries

1 month 3 weeks ago

A vulnerability was found in rustdesk-client RustDesk Client up to 1.4.5 and classified as critical. Affected by this vulnerability is the function importConfig in the library flutter/lib/common.Dart of the component URI Handler. The manipulation results in missing authorization. This vulnerability is identified as CVE-2026-30797. The attack can be executed remotely. There is not any exploit available.

vuldb.com

CVE-2026-30790 | RustDesk Server Pro/RustDesk Server up to 1.7.5 src/server/connection.Rs excessive authentication

VulDB Recent Entries

1 month 3 weeks ago

A vulnerability has been found in RustDesk Server Pro and RustDesk Server up to 1.7.5 and classified as problematic. Affected is an unknown function of the file src/server/connection.Rs. The manipulation leads to improper restriction of excessive authentication attempts. This vulnerability is referenced as CVE-2026-30790. Remote exploitation of the attack is possible. No exploit is available.

vuldb.com

CVE-2026-30789 | rustdesk-client RustDesk Client up to 1.4.5 src/client.Rs hash_password authentication replay

VulDB Recent Entries

1 month 3 weeks ago

A vulnerability, which was classified as critical, was found in rustdesk-client RustDesk Client up to 1.4.5. This impacts the function hash_password of the file src/client.Rs. Executing a manipulation can lead to authentication bypass by capture-replay. The identification of this vulnerability is CVE-2026-30789. The attack may be launched remotely. There is no exploit available.

vuldb.com

CVE-2026-25048 | mlc-ai xgrammar up to 0.1.31 recursion (GHSA-7rgv-gqhr-fxg3)

VulDB Recent Entries

1 month 3 weeks ago

A vulnerability, which was classified as problematic, has been found in mlc-ai xgrammar up to 0.1.31. This affects an unknown function. Performing a manipulation results in uncontrolled recursion. This vulnerability was named CVE-2026-25048. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

vuldb.com

CVE-2026-30795 | rustdesk-client RustDesk Client up to 1.4.5 src/hbbs_http/sync.Rs cleartext transmission

VulDB Recent Entries

1 month 3 weeks ago

A vulnerability classified as problematic was found in rustdesk-client RustDesk Client up to 1.4.5. The impacted element is an unknown function of the file src/hbbs_http/sync.Rs. Such manipulation leads to cleartext transmission of sensitive information. This vulnerability is uniquely identified as CVE-2026-30795. The attack can be launched remotely. No exploit exists.

vuldb.com

CVE-2026-30794 | rustdesk-client RustDesk Client up to 1.4.5 http_client.Rs certificate validation

VulDB Recent Entries

1 month 3 weeks ago

A vulnerability classified as critical has been found in rustdesk-client RustDesk Client up to 1.4.5. The affected element is an unknown function of the file src/hbbs_http/http_client.Rs. This manipulation causes improper certificate validation. This vulnerability is handled as CVE-2026-30794. The attack can be initiated remotely. There is not any exploit available.

vuldb.com

CVE-2026-30792 | rustdesk-client RustDesk Client up to 1.4.5 API Message src/hbbs_http/sync.Rs Config::set_options violation of secure design principles

VulDB Recent Entries

1 month 3 weeks ago

A vulnerability described as critical has been identified in rustdesk-client RustDesk Client up to 1.4.5. Impacted is the function Config::set_options of the file src/hbbs_http/sync.Rs of the component API Message Handler. The manipulation results in violation of secure design principles. This vulnerability is known as CVE-2026-30792. It is possible to launch the attack remotely. No exploit is available.

vuldb.com

CVE-2026-30791 | rustdesk-client RustDesk Client up to 1.4.5 hbb_common/src/config.Rs parseRustdeskUri/importConfig risky encryption

VulDB Recent Entries

1 month 3 weeks ago

A vulnerability marked as problematic has been reported in rustdesk-client RustDesk Client up to 1.4.5. This issue affects the function parseRustdeskUri/importConfig in the library flutter/lib/common.Dart of the file hbb_common/src/config.Rs. The manipulation leads to risky cryptographic algorithm. This vulnerability is traded as CVE-2026-30791. It is possible to initiate the attack remotely. There is no exploit available.

vuldb.com

CVE-2026-30796 | rustdesk-server-pro RustDesk Server Pro up to 1.7.5 Address Book Sync API cleartext transmission

VulDB Recent Entries

1 month 3 weeks ago

A vulnerability labeled as problematic has been found in rustdesk-server-pro RustDesk Server Pro up to 1.7.5. This vulnerability affects unknown code of the component Address Book Sync API Module. Executing a manipulation can lead to cleartext transmission of sensitive information. This vulnerability appears as CVE-2026-30796. The attack may be performed from remote. There is no available exploit.

vuldb.com

结合真实案例讲解OWASP Top 10 for Agentic Applications for 2026

先知技术社区

1 month 3 weeks ago

结合自己发现和公开的案例来讲解这十大风险

CVE-2025-69534 | Python-Markdown up to 3.8/3.8.1 html.parser.HTMLParser denial of service (Issue 1534)

VulDB Recent Entries

1 month 3 weeks ago

A vulnerability identified as problematic has been detected in Python-Markdown up to 3.8/3.8.1. This affects the function html.parser.HTMLParser. Performing a manipulation results in denial of service. This vulnerability is reported as CVE-2025-69534. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.

vuldb.com

Microsoft перешёл на тёмную сторону? Зачем Bing советует вирусы вместо полезных программ

Securitylab.ru

1 month 3 weeks ago

Привычка загружать файлы без проверки стала слишком рискованной.

Software Development Practices Help Enterprises Tackle Real-Life Risks

darkreading

1 month 3 weeks ago

Organizations can borrow secure-by-design processes to manage non-technical challenges like governance or the inevitable human error.

Arielle Waldman

ClickFix Campaign Uses Fake VCs on LinkedIn to Deliver Malware to Crypto and Web3 Professionals

Cyber Security News

1 month 3 weeks ago

A coordinated malware campaign is targeting cryptocurrency and Web3 professionals through a carefully built chain of social engineering, fake venture capital identities, and spoofed video conferencing links. First tracked in early 2026, the operation uses a technique called ClickFix to manipulate victims into running malicious commands on their own machines — making them the unwitting […]

The post ClickFix Campaign Uses Fake VCs on LinkedIn to Deliver Malware to Crypto and Web3 Professionals appeared first on Cyber Security News.

Tushar Subhra Dutta