CVE-2026-5222
A flaw was found in rust-cargo. The Cargo tool, used for managing Rust projects, incorrectly handled the URLs of third-party registries when using the sparse index protocol. This vulnerability could allow an attacker, who is able to publish packages in a registry, to obtain sensitive credentials...