Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow, allowing a malicious sender to trigger an overflow that causes the receiver process to read and return data from outside the intended buffer bounds. Attackers can exploit this vulnerability to disclose process memory contents including environment variables, passwords, heap and stack data, and library memory pointers, significantly reducing ASLR effectiveness and facilitating further exploitation.
CVE-2026-43618
Score 8.1 from GitHub Security Advisory published 2026-05-20. NVD baseline CVSS 8.1; sources differ by 0.0.
- High severity, but no confirmed exploitation yet
A fix is available — apply it.
- CVSS v3
- 8.1
- EG Score
- 8.1(medium)
- EPSS
- 51.5%
- KEV
- Not listed
Published
May 20, 2026
Last Modified
June 30, 2026
Advisory Details (3)
Auto-updated May 20, 2026Rsync < 3.4.3 Integer Overflow Information Disclosure | Advisories | VulnCheck
https://www.vulncheck.com/advisories/rsync-integer-overflow-information-disclosurersync: Integer overflow in compressed-token decoding enables remote memory dump · Advisory · RsyncProject/rsync · GitHub
Affected: 3.4.3
https://github.com/RsyncProject/rsync/security/advisories/GHSA-g37v-g3gj-pmwqRelease v3.4.3 · RsyncProject/rsync · GitHub
https://github.com/RsyncProject/rsync/releases/tag/v3.4.3Vendor Advisories for CVE-2026-43618(6)
These vendors published their own advisory mentioning this CVE — often with vendor-specific remediation steps + affected product lists not in NVD.
- RHSA-2026:29197Red Hat Product SecurityHigh
Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage
- RHSA-2026:26410Red Hat Product SecurityHigh
Red Hat Security Advisory: rsync security update
- RHSA-2026:26408Red Hat Product SecurityHigh
Red Hat Security Advisory: rsync security update
- RHSA-2026:26332Red Hat Product SecurityHigh
Red Hat Security Advisory: rsync security, bug fix, and enhancement update
- CVE-2026-43618Microsoft Security Response Center (MSRC)High
Rsync < 3.4.3 Integer Overflow Information Disclosure
- GHSA-88m5-cm5m-2596GitHub Security AdvisoriesMedium
Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token...
Patch Availability(6)
| Vendor / Ecosystem | Fixed in / Patch | Released | Source |
|---|---|---|---|
| ubuntu | rsync (3.4.1+ds1-7ubuntu0.2) @ resolute | 2026-06-29 | ubuntu |
| ubuntu | rsync (3.1.1-3ubuntu1.3+esm5) @ xenial | 2026-06-29 | ubuntu |
| redhat | discovery/discovery-ui-rhel9:1782166952 | 2026-06-24 | redhat |
| redhat | rsync-0:3.4.4-1.el10_2 | 2026-06-16 | redhat |
| redhat | rsync-0:3.1.3-27.el8_10 | 2026-06-16 | redhat |
| redhat | rsync-0:3.2.5-7.el9_8.2 | 2026-06-16 | redhat |
Patches are aggregated from vendor advisories (Red Hat, Microsoft, Cisco, GitHub) and package ecosystems (OSV, GHSA). Multiple rows for the same upstream release have been deduplicated.
Weakness Classification(2)
MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.
Additional Vendor Advisories
(2)
Vendors that published advisories for this CVE beyond the curated set above. Broader coverage but minimal per-row detail — click through for the original advisory.
Data Freshness Timeline
(refreshed 6× in last 7d / 120× in last 30d)
Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.
Showing the most recent 100 of 182 total refreshes for this CVE.
- 2026-07-06 16:27 UTCEPSS rescore
- 2026-07-06 02:23 UTCEPSS rescore
- 2026-07-05 02:30 UTCEPSS rescore
- 2026-07-04 06:31 UTCEPSS rescore
- 2026-07-01 15:07 UTCEPSS rescore
- 2026-06-30 23:22 UTCEPSS rescore
- 2026-06-29 20:33 UTCEG score recompute
- 2026-06-29 20:33 UTCVendor advisory
- 2026-06-29 20:33 UTCGHSA enrichment
- 2026-06-29 14:06 UTCEPSS rescore
- 2026-06-28 14:07 UTCEPSS rescore
- 2026-06-28 09:16 UTCEG score recompute
- 2026-06-28 09:16 UTCVendor advisory
- 2026-06-28 09:15 UTCGHSA enrichment
- 2026-06-28 04:56 UTCEPSS rescore
- 2026-06-27 20:48 UTCEG score recompute
- 2026-06-27 20:48 UTCVendor advisory
- 2026-06-27 20:48 UTCGHSA enrichment
- 2026-06-27 08:07 UTCEG score recompute
- 2026-06-27 08:07 UTCVendor advisory
- 2026-06-27 08:07 UTCGHSA enrichment
- 2026-06-27 03:08 UTCEPSS rescore
- 2026-06-26 19:41 UTCEG score recompute
- 2026-06-26 19:41 UTCVendor advisory
- 2026-06-26 19:41 UTCGHSA enrichment
Show 75 moreShow fewer
- 2026-06-26 04:51 UTCEG score recompute
- 2026-06-26 04:51 UTCVendor advisory
- 2026-06-26 04:51 UTCGHSA enrichment
- 2026-06-25 16:25 UTCEG score recompute
- 2026-06-25 16:25 UTCVendor advisory
- 2026-06-25 16:25 UTCGHSA enrichment
- 2026-06-25 13:49 UTCEPSS rescore
- 2026-06-25 13:49 UTCEPSS rescore
- 2026-06-24 14:05 UTCEPSS rescore
- 2026-06-23 21:33 UTCEPSS rescore
- 2026-06-22 14:25 UTCEPSS rescore
- 2026-06-22 14:25 UTCEPSS rescore
- 2026-06-21 14:56 UTCEPSS rescore
- 2026-06-21 14:56 UTCEPSS rescore
- 2026-06-21 01:59 UTCEPSS rescore
- 2026-06-19 19:25 UTCEPSS rescore
- 2026-06-18 17:52 UTCEPSS rescore
- 2026-06-18 17:52 UTCEPSS rescore
- 2026-06-18 00:01 UTCEG score recompute
- 2026-06-18 00:01 UTCVendor advisory
- 2026-06-18 00:01 UTCGHSA enrichment
- 2026-06-17 17:53 UTCEPSS rescore
- 2026-06-17 11:34 UTCEG score recompute
- 2026-06-17 11:34 UTCVendor advisory
- 2026-06-17 11:34 UTCGHSA enrichment
- 2026-06-16 20:21 UTCEG score recompute
- 2026-06-16 20:21 UTCVendor advisory
- 2026-06-16 20:21 UTCGHSA enrichment
- 2026-06-16 17:52 UTCEPSS rescore
- 2026-06-16 04:55 UTCEG score recompute
- 2026-06-16 04:55 UTCVendor advisory
- 2026-06-16 04:55 UTCGHSA enrichment
- 2026-06-15 17:49 UTCEPSS rescore
- 2026-06-15 16:23 UTCEG score recompute
- 2026-06-15 16:23 UTCVendor advisory
- 2026-06-15 16:23 UTCGHSA enrichment
- 2026-06-15 03:47 UTCEG score recompute
- 2026-06-15 03:47 UTCVendor advisory
- 2026-06-15 03:47 UTCGHSA enrichment
- 2026-06-14 15:21 UTCEG score recompute
- 2026-06-14 15:21 UTCVendor advisory
- 2026-06-14 15:21 UTCGHSA enrichment
- 2026-06-14 02:48 UTCEG score recompute
- 2026-06-14 02:48 UTCVendor advisory
- 2026-06-14 02:48 UTCGHSA enrichment
- 2026-06-13 23:00 UTCEPSS rescore
- 2026-06-13 14:17 UTCEG score recompute
- 2026-06-13 14:17 UTCVendor advisory
- 2026-06-13 14:17 UTCGHSA enrichment
- 2026-06-13 01:10 UTCEG score recompute
- 2026-06-13 01:10 UTCVendor advisory
- 2026-06-13 01:09 UTCGHSA enrichment
- 2026-06-12 23:12 UTCEPSS rescore
- 2026-06-12 23:12 UTCEPSS rescore
- 2026-06-12 12:42 UTCEG score recompute
- 2026-06-12 12:42 UTCVendor advisory
- 2026-06-12 12:42 UTCGHSA enrichment
- 2026-06-12 00:16 UTCEG score recompute
- 2026-06-12 00:16 UTCVendor advisory
- 2026-06-12 00:16 UTCGHSA enrichment
- 2026-06-11 14:00 UTCEPSS rescore
- 2026-06-11 11:50 UTCEG score recompute
- 2026-06-11 11:50 UTCVendor advisory
- 2026-06-11 11:50 UTCGHSA enrichment
- 2026-06-10 23:23 UTCEG score recompute
- 2026-06-10 23:23 UTCVendor advisory
- 2026-06-10 23:23 UTCGHSA enrichment
- 2026-06-10 22:18 UTCEPSS rescore
- 2026-06-10 13:22 UTCEPSS rescore
- 2026-06-10 13:22 UTCEPSS rescore
- 2026-06-10 10:57 UTCEG score recompute
- 2026-06-10 10:57 UTCVendor advisory
- 2026-06-10 10:57 UTCGHSA enrichment
- 2026-06-09 22:31 UTCEG score recompute
- 2026-06-09 22:31 UTCVendor advisory
Related CVEs(same vendor + same CWE)
Same vendor
10 shownmsrc · redhat
Same CWE
10 shownCWE-190 · CWE-125
- CVE-2009-0947EG 9.8CRITICAL
- CVE-2005-1141EG 9.8CRITICAL
- CVE-2005-0102EG 9.8CRITICAL
- CVE-2002-0391EG 9.8EPSS 99%CRITICAL
- CVE-2002-0639EG 9.8EPSS 97%CRITICAL
- CVE-1999-0006EG 9.8EPSS 96%CRITICAL
- CVE-2011-1823NVD 7.8EG 9.0 KEVEPSS 99%HIGH
- CVE-2011-0663EG 8.8EPSS 98%HIGH
- CVE-2010-2753EG 8.8EPSS 93%HIGH
- CVE-2010-0130EG 8.8EPSS 94%HIGH
Frequently asked(5)
What is CVE-2026-43618?
When was CVE-2026-43618 disclosed?
Is CVE-2026-43618 actively exploited?
What is the CVSS score of CVE-2026-43618?
How do I remediate CVE-2026-43618?
Dependency Blast Radius
Explore the affected products and dependency analysis for CVE-2026-43618
Is Your Infrastructure Affected by CVE-2026-43618?
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.