{"uuid": "980dad12-39e8-4a7a-bfe2-2edcf0633eab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41035", "type": "seen", "source": "https://bsky.app/profile/billstatler.forum.statler.ws.ap.brid.gy/post/3mn3hpd77feh2", "content": "Many people are reverting to old versions of rsync after discovering that the maintainer has recently been using Claude. But please be aware of this:\n\nCVE-2026-41035\n\n\n> In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver [\u2026]", "creation_timestamp": "2026-05-30T16:26:04.293711Z"}