GHSA-39g5-2q66-34fmCriticalCVSS 8.1

A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS,...

Published
March 5, 2026
Last Modified
June 22, 2026

🔗 CVE IDs covered (1)

📋 Description

A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Strategy sync, HTTP API client, config options engine modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files src/hbbs_http/sync.Rs, hbb_common/src/config.Rs and program routines Strategy merge loop in sync.Rs, Config::set_options().

This issue affects RustDesk Client: through 1.4.5.

🔗 References (5)