CVE-2026-43618 · HIGH 8.1 · EPSS p46.0%


Description

Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow, allowing a malicious sender to trigger an overflow that causes the receiver process to read and return data from outside the intended buffer bounds. Attackers can exploit this vulnerability to disclose process memory contents including environment variables, passwords, heap and stack data, and library memory pointers, significantly reducing ASLR effectiveness and facilitating further exploitation.

Scoring

CVSS 3.1: 8.1 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS: 0.64% probability of exploitation · percentile 46.0% · 2026-06-18T12:00:27Z
Published: 2026-05-20
Last modified: 2026-05-21

Underlying weaknesses · 2

CWE-125 · CWE-190

References

  1. https://github.com/RsyncProject/rsync/releases/tag/v3.4.3
  2. https://github.com/RsyncProject/rsync/security/advisories/GHSA-g37v-g3gj-pmwq
  3. https://www.vulncheck.com/advisories/rsync-integer-overflow-information-disclosure

Type      | Target                                    | Confidence | Tier
----------|-------------------------------------------|------------|-----
Weakness  | Out-of-bounds Read (cwe-125)              | 0%         | live
Weakness  | Integer Overflow or Wraparound (cwe-190)  | 0%         | live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

  - CVE-2025-30472
  - CVE-2026-33845
  - CVE-2025-48724
  - CVE-2026-4424
  - CVE-2025-48723
  - CVE-2026-39834

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.