CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

NVD•added 2026/05/28 6:16 p.m.•7 views

CVE-2026-45311

CodeWhale is a DeepSeek + MiMo coding agent in terminal. From 0.3.0 to 0.8.23, the runtests tool executes cargo test in the workspace with ApprovalRequirement::Auto, meaning it runs without any user approval prompt. cargo test compiles and executes arbitrary code: test binaries, build.rs build...

9.6CVSS0.00047EPSS

Exploits0References1

Fedora•added 2025/11/03 1:7 a.m.•4 views

[SECURITY] Fedora 42 Update: rust-attribute-derive-0.10.5-1.fc42

Clap like parsing for attributes in proc-macros...

8.1CVSS7AI score0.00017EPSS

Exploits1

Fedora•added 2025/11/03 1:2 a.m.•25 views

[SECURITY] Fedora 41 Update: rust-attribute-derive-0.10.5-1.fc41

Clap like parsing for attributes in proc-macros...

8.1CVSS7AI score0.00017EPSS

Exploits1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-1616

Malware in sbrugna...

9.8CVSS9.2AI score0.03365EPSS

Exploits1References6

Fedora•added 2024/10/24 1:28 a.m.•5 views

[SECURITY] Fedora 40 Update: rust-pyo3-macros-0.22.4-1.fc40

Proc macros for PyO3 package...

7.4AI score

Exploits0

Fedora•added 2024/10/24 1:20 a.m.•7 views

[SECURITY] Fedora 39 Update: rust-pyo3-macros-0.22.4-1.fc39

Proc macros for PyO3 package...

7.4AI score

Exploits0

OSV•added 2021/08/25 8:56 p.m.•15 views

GHSA-79WF-QCQV-R22R Remote code execution in better-macro

An issue was discovered in the better-macro crate through 2021-07-22 for Rust. It intentionally demonstrates that remote attackers can execute arbitrary code via proc-macros, and otherwise has no legitimate purpose...

9.8CVSS9.8AI score0.03365EPSS

Exploits1References4

OSV•added 2021/08/08 6:15 a.m.•1 views

CVE-2021-38196

9.8CVSS6.1AI score

Exploits0References2

Prion•added 2021/08/08 6:15 a.m.•11 views

Code injection

7.5CVSS9.8AI score0.03365EPSS

Exploits1References2Affected Software1

CVE•added 2021/08/08 5:7 a.m.•100 views

CVE-2021-38196

CVE-2021-38196 relates to the Rust crate better-macro , where a deliberate RCE via proc-macros was demonstrated through 2021-07-22. The connected documents confirm remote code execution potential and a purposefully malicious context, with coverage across RustSec, GHSA, OSV, and national advisorie...

9.8CVSS9.7AI score0.03365EPSS

Exploits1References2Affected Software1

RustSec•added 2021/07/22 12:0 p.m.•14 views

`better-macro` has deliberate RCE to prove a point

better-macro is a fake crate which is "Proving A Point" that proc-macros can run arbitrary code. This is not a particularly novel or interesting observation. It currently opens https://github.com/raycar5/better-macro/blob/master/doc/hi.md which doesn't appear to have any malicious content, but...

9.8CVSS1.3AI score0.03365EPSS

Exploits1Affected Software1

OSV•added 2021/07/22 12:0 p.m.•20 views

RUSTSEC-2021-0077 `better-macro` has deliberate RCE to prove a point

9.8CVSS9.4AI score0.03365EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by