Product

Rsync <= 3.4.2

1 brief RSS

Rsync Integer Overflow Vulnerability Leading to Information Disclosure (CVE-2026-43618)

Rsync versions 3.4.2 and prior contain an integer overflow vulnerability (CVE-2026-43618) in the compressed-token decoder, allowing a malicious sender to trigger out-of-bounds memory access on the receiver and disclose sensitive process memory.

rsync <= 3.4.2 integer overflow information disclosure rsync

1r 2t 1c 18h ago