CVE-2026-43620 | RsyncProject rsync up to 3.4.2 receiver.c recv_files out-of-bounds (GHSA-28pw-r563-rxvm)

A vulnerability has been found in RsyncProject rsync up to 3.4.2 and classified as problematic. Affected by this vulnerability is the function recv_files of the file receiver.c. Performing a manipulation results in out-of-bounds read.

This vulnerability is known as CVE-2026-43620. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More