Rsync

Rsync versions before 3.4.3 are vulnerable to a TOCTOU race condition allowing attackers with write access to a module path to redirect file writes outside intended directories by replacing parent directory components with symbolic links, potentially leading to privilege escalation when the daemon runs with elevated privileges and chroot is disabled.

Rsync versions 3.4.2 and prior contain an integer overflow vulnerability (CVE-2026-43618) in the compressed-token decoder, allowing a malicious sender to trigger out-of-bounds memory access on the receiver and disclose sensitive process memory.