CVE-2026-5223 | rust-lang Cargo up to 1.95.x symlink

May 25, 2026 Yanac

A vulnerability has been found in rust-lang Cargo up to 1.95.x and classified as critical. Affected by this issue is some unknown functionality. Performing a manipulation results in symlink following.

This vulnerability is reported as CVE-2026-5223. The attack is possible to be carried out remotely. No exploit exists.

The affected component should be upgraded.VulDB Recent EntriesRead More

CVE-2026-5222 | rust-lang Cargo up to 1.95.x non-canonical url paths for authorization decisions
CVE-2026-45361 | Apache Airflow Google Provider up to 21.x SSH Host-Key Verification key exchange without entity authentication