VYPR
Medium severity4.3OSV Advisory· Published Nov 18, 2025· Updated Apr 15, 2026

CVE-2025-10158

CVE-2025-10158

Description

A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The

malicious

rsync client requires at least read access to the remote rsync module in order to trigger the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.