CVE-2026-30792

216.73.216.123

· Published 05/03/2026 16:16 · Modified 05/03/2026 19:38

Labels: CVE-2026-30792 2026-03-05 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe CVE-2026-30792 CWE-657

Essential information

Published: 05/03/2026 16:16
Modified: 05/03/2026 19:38
Author: —
Creator: —
CVSS: 9.1 CRITICAL (v3) 9.1 CRITICAL (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Strategy sync, HTTP API client, config options engine modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files src/hbbs_http/sync.Rs, hbb_common/src/config.Rs and program routines Strategy merge loop in sync.Rs, Config::set_options(). This issue affects RustDesk Client: through 1.4.5.

NVD status

Status: Undergoing Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source: 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
NVD: View on NVD

Affected products (CPE)

Product	CPE
rustdesk / rustdesk client	`cpe:2.3:a:rustdesk:rustdesk_client:<1.4.5:::::::*`