7.5

CVSS3.1

CVE-2026-29054 - Traefik: lowercase `Connection` tokens can delete traefik-managed forwarded identity headers (for e…

Traefik is an HTTP reverse proxy and load balancer. From version 2.11.9 to 2.11.37 and from version 3.1.3 to 3.6.8, there is a potential vulnerability in Traefik managing the Connection header with X-Forwarded headers. When Traefik processes HTTP/1.1 requests, the protection put in place to prevent…

📅 Published: March 5, 2026, 4:18 p.m. 🔄 Last Modified: April 16, 2026, 12:30 p.m.

7.5

CVSS3.1

CVE-2026-26999 - Traefik: tcp router clears read deadlines before tls forwarding, enabling stalled handshakes (slowl…

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing TLS handshake on TCP routers. When Traefik processes a TLS connection on a TCP router, the read deadline used to bound protocol sniffing is cleared before …

📅 Published: March 5, 2026, 4:15 p.m. 🔄 Last Modified: April 16, 2026, 12:30 p.m.

4.4

CVSS3.1

CVE-2026-26998 - Traefik: unbounded io.ReadAll on auth server response body causes OOM denial of service (DOS)

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing the ForwardAuth middleware responses. When Traefik is configured to use the ForwardAuth middleware, the response body from the authentication server is rea…

📅 Published: March 5, 2026, 4:15 p.m. 🔄 Last Modified: April 17, 2026, 12:45 p.m.

8.2

CVSS4.0

CVE-2026-30785 - RustDesk Encrypts Local Passwords with World-Readable Machine ID and Fixed Zero Nonce (XSalsa20-Pol…

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbb_common on Windows, MacOS, Linux (Password security module, config encryption, machine…

📅 Published: March 5, 2026, 4:04 p.m. 🔄 Last Modified: April 16, 2026, 12:30 p.m.

8.8

CVSS4.0

CVE-2026-30784 - RustDesk hbbs/hbbr Servers Broker Connections Without Any Authorization Check

Missing Authorization, Missing Authentication for Critical Function vulnerability in rustdesk-server RustDesk Server rustdesk-server, rustdesk-server-pro on hbbs/hbbr on all server platforms (Rendezvous server (hbbs), relay server (hbbr) modules) allows Privilege Abuse. This vulnerability is associ…

📅 Published: March 5, 2026, 3:58 p.m. 🔄 Last Modified: April 17, 2026, 12:45 p.m.

8.8

CVSS4.0

CVE-2026-30783 - RustDesk Client Can Orphan API Channel to Ignore All Admin Commands and ACL Policies

A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Client signaling, API sync loop, config management modules) allows Privilege Abuse. This vulnerability is associated with program files src/rendezvous_mediator.Rs, src/hbbs_http/syn…

📅 Published: March 5, 2026, 3:52 p.m. 🔄 Last Modified: April 16, 2026, 12:30 p.m.

9.3

CVSS4.0

CVE-2026-30790 - RustDesk Server Controls All Handshake Entropy (Salt/Challenge), Enabling Offline Brute-Force

Improper Restriction of Excessive Authentication Attempts, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux (Peer authentication, API login modules), rustdesk-server RustDesk Server (OSS…

📅 Published: March 5, 2026, 3:49 p.m. 🔄 Last Modified: April 17, 2026, 12:45 p.m.

9.3

CVSS4.0

CVE-2026-30789 - RustDesk Client Generates Auth Proof Without Client-Side Nonce, Enabling Replay Attacks

Authentication Bypass by Capture-replay, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Reusing Session IDs (aka Session Replay). T…

📅 Published: March 5, 2026, 3:41 p.m. 🔄 Last Modified: April 16, 2026, 4:45 a.m.

8.2

CVSS4.0

CVE-2026-30798 - RustDesk Client Accepts Unauthenticated stop-service Command via Strategy Payload

Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop, strategy processing modules) allows Protocol Manipulation. This vulnerability is …

📅 Published: March 5, 2026, 3:38 p.m. 🔄 Last Modified: April 16, 2026, 4:45 a.m.

9.3

CVSS4.0

CVE-2026-30797 - RustDesk rustdesk://config/ URI Silently Re-homes Client to Attacker-Controlled Server

Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, config import modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files fl…

📅 Published: March 5, 2026, 3:35 p.m. 🔄 Last Modified: April 16, 2026, 12:30 p.m.