CVE-2026-30789

216.73.216.233

· Published 05/03/2026 16:16 · Modified 05/03/2026 19:38

Labels: CVE-2026-30789 2026-03-05 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe CVE-2026-30789 CWE-294

Essential information

Published: 05/03/2026 16:16
Modified: 05/03/2026 19:38
Author: —
Creator: —
CVSS: 9.3 CRITICAL (v3) 9.3 CRITICAL (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

Authentication Bypass by Capture-replay, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Reusing Session IDs (aka Session Replay). This vulnerability is associated with program files src/client.Rs and program routines hash_password(), login proof construction. This issue affects RustDesk Client: through 1.4.5.

NVD status

Status: Undergoing Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source: 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
NVD: View on NVD

Affected products (CPE)

Product	CPE
rustdesk / rustdesk client	`cpe:2.3:a:rustdesk:rustdesk_client::::::::`