adx (>=4.0.0 <=4.1.0), aicommits-rs (>=0.1.0 <=0.2.0) +301 more potentially affected by unknown CVE via surf (>=1.0.1 <=2.3.2)

surf CARGO version =1.0.1, =4.0.0, =0.1.0, =1.0.0, =0.3.0, =0.10.0, =0.3.0, =0.5.0, =0.1.0, =0.6.0, =0.3.0, =0.1.0, =0.0.1, =0.2.4 - async-bybit =0.0.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0169...

aquadoggo (=0.1.0), askama_tide (>=0.10.0 <=0.15.0) +151 more potentially affected by unknown CVE via tide (>=0.0.5 <=0.9.0)

tide CARGO version =0.0.5, =0.10.0, =0.9.0, =1.14.10, =0.2.0, =2.0.0, =1.0.1, =0.1.0, =0.4.1, =6.0.0, =0.1.2, =0.0.4, =0.1.13, =0.4.0, =0.5.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0170...

parley-core (=0.2.0), pqc-combo (=0.1.0) +2 more potentially affected by unknown CVE via libcrux-ml-dsa (>=0.0.4 <=0.0.8)

libcrux-ml-dsa CARGO version =0.0.4, =0.0.8 is affected by a known vulnerability. The following packages have a transitive dependency on libcrux-ml-dsa and may be impacted: - parley-core =0.2.0 - pqc-combo =0.1.0 - pqc-fips =0.0.3 - pqc-nostd =0.1.0 Source cves: unknown CVE Source advisory:...

async-std-resolver (>=0.25.0-alpha.1 <=0.25.0-alpha.5), ezk-sip-ua (>=0.5.0 <=0.7.1) +3 more potentially affected by unknown CVE via hickory-proto (=0.25.0-alpha.5)

hickory-proto CARGO version =0.25.0-alpha.5 is affected by a known vulnerability. The following packages have a transitive dependency on hickory-proto and may be impacted: - async-std-resolver =0.25.0-alpha.1, =0.5.0, =0.25.0-alpha.1, =0.25.0-alpha.5 - hickory-resolver =0.25.0-alpha.1 Source cves...

annatar (>=0.4.3 <=0.5.8), ansi2png-rs (>=0.1.0 <=0.1.1) +62 more potentially affected by unknown CVE via imageproc (>=0.10.0 <=0.22.0)

imageproc CARGO version =0.10.0, =0.4.3, =0.1.0, =0.2.0, =0.1.5, =0.1.0, =0.1.0, =1.0.0, =0.3.0, =0.1.0, =0.1.0, =1.0.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0117...

RUSTSEC-2026-0086 Host data leakage with 64-bit tables and Winch

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-m9w2-8782-2946 For more information see the GitHub-hosted security advisory...

RUSTSEC-2026-0085 Panic when lifting `flags` component value

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-m758-wjhj-p3jq For more information see the GitHub-hosted security advisory...

RUSTSEC-2026-0089 Host panic when Winch compiler executes `table.fill`

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-q49f-xg75-m9xw For more information see the GitHub-hosted security advisory...

GetPDB (>=0.1.0 <=1.0.1), IMAPServer (=0.1.0) +3229 more potentially affected by unknown CVE via tokio-executor (>=0.1.10 <=0.2.0-alpha.6)

tokio-executor CARGO version =0.1.10, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.5.3, =0.2.1, =0.1.0, =0.1.0, =0.1.0, =0.9.1 - acme-lib-load-order =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0063...

IMAPServer (=0.1.0), OpenDataSH_twitter_notifier (>=0.1.0 <=0.1.2) +1861 more potentially affected by unknown CVE via tokio-uds (>=0.1.5 <=0.3.0-alpha.1)

tokio-uds CARGO version =0.1.5, =0.1.0, =0.2.0, =0.5.3, =0.2.1, =0.1.0, =0.4.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =0.7.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0050...

RUSTSEC-2026-0055 `tokio-process` is unmaintained

The tokio-process crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...

bws-web-server (>=0.1.0 <=0.1.1), pingora (>=0.1.0 <=0.6.0) +6 more potentially affected by CVE-2026-2833 via pingora-core (>=0.1.1 <=0.6.0)

pingora-core CARGO version =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.7 - revoke-gateway =0.3.0 - static-files-module =0.1.0 Source cves: CVE-2026-2833 Source advisory: OSV:RUSTSEC-2026-0033...

RUSTSEC-2026-0021 Panic adding excessive fields to a `wasi:http/types.fields` instance

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-243v-98vx-264h For more information see the GitHub-hosted security advisory...

Fedora 42 : rust-sequoia-keystore-server / rust-sequoia-octopus-librnp / etc (2026-304a740a0b)

The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-304a740a0b advisory. Rebuild with sequoia-openpgp v2.1.0 to apply fixes for RUSTSEC-2025-0136 / CVE-2025-67897. Tenable has extracted the preceding description block directly fro...

Cryptonic (>=0.1.0 <=0.1.2), IMAPServer (=0.1.0) +6318 more potentially affected by unknown CVE via bincode (>=0.0.1 <=3.0.0)

bincode CARGO version =0.0.1, =0.1.0, =0.19.0, =0.4.1, =0.1.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0141...

CuPs (>=0.0.0 <=0.0.5), IF (=0.0.0) +24 more potentially affected by unknown CVE via unic-ucd-common (>=0.7.0 <=0.9.0)

unic-ucd-common CARGO version =0.7.0, =0.0.0, =1.11.3, =0.3.0, =0.3.0, =0.0.102, =0.1.0, =0.0.7, =0.0.1, =1.0.0, =0.1.0, =0.0.0, =0.1.0, =0.1.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0101...

CuPs (>=0.0.0 <=0.0.5), IF (=0.0.0) +18 more potentially affected by unknown CVE via unic-ucd-name_aliases (=0.9.0)

unic-ucd-namealiases CARGO version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on unic-ucd-namealiases and may be impacted: - CuPs =0.0.0, =1.11.3, =0.3.0, =0.3.0, =0.0.102, =0.0.7, =0.0.1, =1.0.0, =0.0.0, =0.1.0, =1.1.1, =2.0.0 - unic =0.9.0 a...

aocleaderboard (>=0.1.0 <=0.6.1), archetect (>=0.5.0 <=0.7.3) +93 more potentially affected by unknown CVE via unic-segment (>=0.7.0 <=0.9.0)

unic-segment CARGO version =0.7.0, =0.1.0, =0.5.0, =0.5.0, =1.0.0, =0.1.0, =0.0.4, =0.1.0, =0.2.6, =0.0.15, =0.1.0, =0.1.3, =0.2.1, =0.1.2-beta, =0.1.8 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0074...

Druid_task1 (=0.1.0), audio-processor-analysis (>=0.1.0-alpha.4 <=2.4.0) +72 more potentially affected by unknown CVE via unic-bidi (>=0.1.0 <=0.9.0)

unic-bidi CARGO version =0.1.0, =0.1.0-alpha.4, =0.4.0, =0.7.0, =0.4.0, =0.7.0, =0.2.0, =0.2.3 - frui =0.0.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0096...

GuiNistRs (=0.1.0), LemoGUI (=0.0.1-nightly) +413 more potentially affected by unknown CVE via servo-fontconfig (>=0.4.0 <=0.5.1)

servo-fontconfig CARGO version =0.4.0, =0.5.0, =0.2.0, =0.5.0, =0.9.0, =0.1.0, =0.1.0, =0.8.0, =0.4.0, =0.9.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0059...