Recent vulnerabilities

Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
ID Description Published Updated
rustsec-2026-0150 audiopus_sys is unmaintained 2026-05-21T12:00:00Z 2026-05-22T10:09:18Z
rustsec-2026-0149 WASI path_open(TRUNCATE) bypasses `FilePerms::WRITE` host restriction 2026-05-21T12:00:00Z 2026-05-22T10:02:28Z
rustsec-2025-0162 `VMABuffer::set_data` may allow out-of-bounds writes from safe code 2025-04-23T12:00:00Z 2026-05-20T13:32:31Z
rustsec-2026-0148 OCI layer symlink escape β†’ arbitrary host write 2026-05-16T12:00:00Z 2026-05-20T10:00:58Z
rustsec-2026-0147 Read-only volume remount bypass via guest CAP_SYS_ADMIN 2026-05-16T12:00:00Z 2026-05-20T09:41:31Z
rustsec-2026-0137 Possible unaligned data access for implementations of `SqliteAggregate` 2026-04-24T12:00:00Z 2026-05-20T07:14:04Z
rustsec-2026-0136 Command injection in Diesel's implementation of `COPY FROM`/`COPY TO` 2026-04-24T12:00:00Z 2026-05-20T07:14:04Z
rustsec-2026-0125 Signature Verification on AVX2 Platforms Mishandles Edge Case 2026-05-05T12:00:00Z 2026-05-20T07:14:04Z
rustsec-2026-0124 Potential Panic on Overlong Ciphertext Buffer 2026-03-29T12:00:00Z 2026-05-20T07:14:04Z
rustsec-2026-0140 DNS rebinding and cross-origin CSRF in dynoxide's MCP HTTP transport 2026-05-12T12:00:00Z 2026-05-19T05:50:44Z
rustsec-2026-0146 `InterfaceAccount` allows account substitution between unexpected types 2026-05-08T12:00:00Z 2026-05-19T04:53:18Z
rustsec-2026-0145 PAX Header Desynchronization in astral-tokio-tar 2026-05-18T12:00:00Z 2026-05-19T04:53:18Z
rustsec-2026-0144 `Program<System>` accepts arbitrary executable programs 2026-05-07T12:00:00Z 2026-05-18T19:28:44Z
rustsec-2026-0132 Potential out-of-bounds write via public `Context` fields 2026-05-02T12:00:00Z 2026-05-17T20:07:58Z
rustsec-2026-0122 Potential use-after-free due to lack of panic safety in `InlineVec::clear` and `SerVec::clear` 2026-04-23T12:00:00Z 2026-05-16T07:08:02Z
rustsec-2026-0143 Double-free in `vmem` storage reachable from safe Rust 2026-05-14T12:00:00Z 2026-05-14T21:26:19Z
rustsec-2026-0142 Double-free in `vmem` storage reachable from safe Rust (predecessor of `oneringbuf`) 2026-05-14T12:00:00Z 2026-05-14T21:26:19Z
rustsec-2026-0141 TLS hostname verification disabled when using Boring TLS backend 2026-05-14T12:00:00Z 2026-05-14T09:14:38Z
rustsec-2026-0139 Null-pointer dereference and double-free via safe APIs 2026-05-02T12:00:00Z 2026-05-13T14:54:08Z
rustsec-2026-0138 Unsound access to padding bytes while serializing date/time values using the Mysql backend 2026-04-30T12:00:00Z 2026-05-13T14:16:31Z
rustsec-2026-0135 Unsound transmute while debug/display printing batch Insert statements in Diesel's SQLite backend 2026-04-24T12:00:00Z 2026-05-13T14:16:31Z
rustsec-2026-0134 Unsound access to padding bytes while serializing date/time values using the Mysql backend 2026-04-24T12:00:00Z 2026-05-13T14:16:31Z
rustsec-2026-0133 Invalid pointer arithmetic in `iter()` and `iter_mut()` 2026-05-02T12:00:00Z 2026-05-13T12:38:12Z
rustsec-2026-0131 Double-free in `Chomp::inner()` 2026-05-02T12:00:00Z 2026-05-13T12:38:12Z
rustsec-2026-0130 Out-of-bounds read/write in `Index` and `IndexMut` implementations 2026-05-02T12:00:00Z 2026-05-13T12:34:44Z
rustsec-2026-0129 Buffer overflow in `Clusterings::from_i32_column_major_order()` 2026-05-02T12:00:00Z 2026-05-13T12:34:44Z
rustsec-2026-0128 Double-free and use-after-free in `Keys::next()` 2026-05-02T12:00:00Z 2026-05-13T12:19:05Z
rustsec-2026-0127 Integer overflow in `array::ReadWrite::new()` leading to potential memory corruption 2026-05-02T12:00:00Z 2026-05-13T12:16:15Z
rustsec-2026-0126 AVX2 Implementation Did Not Fully Reduce Intermediate Values 2026-04-27T12:00:00Z 2026-05-13T10:05:44Z
rustsec-2026-0123 Out-of-bounds read in `bytes_helper` public safe functions 2026-05-02T12:00:00Z 2026-05-12T17:04:47Z