VYPR
Vendor

Rustdesk

Products
1
CVEs
12
Across products
12
Status
Private

Products

1

Recent CVEs

12
  • CVE-2026-2490MedFeb 20, 2026
    risk 0.36cvss 5.5epss 0.00

    RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of RustDesk Client for Windows. An attacker must first obtain the ability to…

  • CVE-2026-30785Mar 5, 2026
    risk 0.00cvss epss 0.00

    Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbb_common on Windows, MacOS, Linux (Password security module, config…

  • CVE-2026-30783Mar 5, 2026
    risk 0.00cvss epss 0.00

    A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Client signaling, API sync loop, config management modules) allows Privilege Abuse. This vulnerability is associated with program files…

  • CVE-2026-30789Mar 5, 2026
    risk 0.00cvss epss 0.00

    Authentication Bypass by Capture-replay, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Reusing Session IDs…

  • CVE-2026-30798Mar 5, 2026
    risk 0.00cvss epss 0.00

    Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop, strategy processing modules) allows Protocol Manipulation.…

  • CVE-2026-30797Mar 5, 2026
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, config import modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated…

  • CVE-2026-30795Mar 5, 2026
    risk 0.00cvss epss 0.00

    Cleartext Transmission of Sensitive Information vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop modules) allows Sniffing Attacks. This vulnerability is associated with program files…

  • CVE-2026-30794Mar 5, 2026
    risk 0.00cvss epss 0.00

    Improper Certificate Validation vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (HTTP API client, TLS transport modules) allows Adversary in the Middle (AiTM). This vulnerability is associated with program files…

  • CVE-2026-30793Mar 5, 2026
    risk 0.00cvss epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, FFI bridge modules) allows Privilege Escalation. This vulnerability is associated with program files…

  • CVE-2026-30792Mar 5, 2026
    risk 0.00cvss epss 0.00

    A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Strategy sync, HTTP API client, config options engine modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is…

  • CVE-2026-30791Mar 5, 2026
    risk 0.00cvss epss 0.00

    Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Config import, URI scheme handler, CLI --config modules) allows Retrieve Embedded Sensitive Data. This…

  • CVE-2024-25140Feb 6, 2024
    risk 0.00cvss epss 0.01

    A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing (1.3.6.1.5.5.7.3.3), valid from 2023 until 2033. This is potentially unwanted, e.g., because there is no…