CVE-2026-30785 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'), Use of Password Hash With Insufficient Computational Effort vulnerabi…
High CVSS: 8.2

CVE-2026-30785

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbb_common on Windows, MacOS, Linux (Password security module, config encryption, machine UID modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files hbb_common/src/password_security.Rs, hbb_common/src/config.Rs, hbb_common/src/lib.Rs (get_uuid), machine-uid/src/lib.Rs and program routines symmetric_crypt(), encrypt_str_or_original(), decrypt_str_or_original(), get_uuid(), get_machine_id().

This issue affects RustDesk Client: through 1.4.5.
Vendor
Rustdesk
Product
Rustdesk
CWE
CWE-257
Yayın Tarihi
2026-03-05 16:16:19
Güncelleme
2026-03-25 15:47:08
Source Identifier
2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
KEV Date Added
-

Kategoriler

CWE-257 Rustdesk HIGH Rustdesk 2026

Referanslar

https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub https://github.com/rustdesk/rustdesk/discussions/4979 https://github.com/rustdesk/rustdesk/discussions/9229 https://www.vulsec.org/