VYPR
Unrated severityNVD Advisory· Published Mar 5, 2026· Updated Mar 6, 2026

RustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic Validation

CVE-2026-30791

Description

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Config import, URI scheme handler, CLI --config modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files flutter/lib/common.Dart, hbb_common/src/config.Rs and program routines parseRustdeskUri(), importConfig().

This issue affects RustDesk Client: through 1.4.5.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.