Widespread Rust library forks exposed to remote code execution risk

October 22, 2025 Yanac

CyberScoop reports that an abandoned Rust code library async-tar, which has been reused in several forks, contains a major security flaw, tracked as CVE-2025-62518, that allows remote code execution through file overwriting and affects many other projects built from it.SCM feed for Endpoint/Device SecurityRead More