2 matches found
CVE-2026-49980 Rclone: Unauthenticated command execution in `rclone rcd --rc-serve` via inline remote instantiation, bypassing CVE-2026-41179 fix
Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form: /remote:path/object. The remote value is parsed from the URL and passed...
OPENSUSE-SU-2026:10975-1 rclone-1.74.3-1.1 on GA media
These are all security issues fixed in the rclone-1.74.3-1.1 package on the GA media of openSUSE Tumbleweed...