CVE-2026-30794 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Improper Certificate Validation vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (HTTP API client, TLS tr…
Critical CVSS: 9.1

CVE-2026-30794

Improper Certificate Validation vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (HTTP API client, TLS transport modules) allows Adversary in the Middle (AiTM). This vulnerability is associated with program files src/hbbs_http/http_client.Rs and program routines TLS retry with danger_accept_invalid_certs(true).

This issue affects RustDesk Client: through 1.4.5.
Vendor
Rustdesk
Product
Rustdesk
CWE
CWE-295
Yayın Tarihi
2026-03-05 16:16:20
Güncelleme
2026-03-25 15:29:08
Source Identifier
2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
KEV Date Added
-

Kategoriler

CWE-295 Rustdesk CRITICAL Rustdesk 2026

Referanslar

https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub https://github.com/rustdesk/rustdesk https://www.vulsec.org/