๐Ÿ” CVE Alert

CVE-2026-30791

UNKNOWN 0.0

RustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic Validation

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Config import, URI scheme handler, CLI --config modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files flutter/lib/common.Dart, hbb_common/src/config.Rs and program routines parseRustdeskUri(), importConfig(). This issue affects RustDesk Client: through 1.4.5.

CWE CWE-327 CWE-684
Vendor rustdesk-client
Product rustdesk client
Published Mar 5, 2026
Last Updated Mar 6, 2026
Stay Ahead of the Next One

Get instant alerts for rustdesk-client rustdesk client

Be the first to know when new unknown vulnerabilities affecting rustdesk-client rustdesk client are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

rustdesk-client / RustDesk Client
0 โ‰ค 1.4.5

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
rustdesk.com: https://rustdesk.com/docs/en/client/ docs.google.com: https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub vulsec.org: https://www.vulsec.org/

Credits

Erez Kalman ๐Ÿ” Erez Kalman