Fragile bounds check when sampling from image

A bounds check was performed in floating points before a cast to the index passed to an unchecked access function. This checked considered NaN cases improperly, causing them to succeed the check instead of failing it. The floating point coordinate is under caller control by passing a selected...

`tokio-current-thread` is unmaintained

The tokio-current-thread crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...

`tokio-codec` is unmaintained

The tokio-codec crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the tokio-util crate...

`tokio-udp` is unmaintained

The tokio-udp crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...

`tokio-sync` is unmaintained

The tokio-sync crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...

`tokio-fs` is unmaintained

The tokio-fs crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...

CRL Distribution Point Scope Check Logic Error in AWS-LC

A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs with Issuing Distribution Point IDP extensions. Customers of AWS services do not...

Panic in Signature Hint Decoding During Verification

During ML-DSA verification the serialized hint values are decoded as specified in algorithm 22 HintBitUnpack of FIPS 204, subsection 7.1. The algorithm requires that the cumulative hint counters per row of the hint vector are strictly increasing and below a maximum value which depends on the choi...

Incorrect Check of Signer Response Norm During Verification

The ML-DSA verification algorithm as specified in FIPS 204, subsection 6.3 requires verifiers to check that the infinity norm of the deserialized signer response $z$ does not exceed $\gamma1 - \beta$ line 13 of Algorithm 8. The same check is required to be performed during signature generation...

`dnp3times` was removed from crates.io due to malicious code

The dnp3times crate attempted to exfiltrate .env files to a server that was in turn impersonating the legitimate timeapi.io service. It was loosely trying to typosquat the dnp3time crate, but otherwise was the same attack as the timecalibrator and timecalibrators malware yesterday. The malicious...

`time_calibrator` was removed from crates.io due to malicious code

It was reported timecalibrator contained malicious code, that would try to upload .env files to a server. The malicious crate had only 1 version published at 2026-02-28 and no evidence of actual usage. The crate was removed from crates.io and the user account was locked. There were no crates...

`tracing_checks` was removed from crates.io for transitively including malicious code

This is part of an ongoing campaign to attempt to typosquat crates in an attempt to exfiltrate Polymarket credentials. The malicious crate had 1 version published on 2026-02-26 approximately 9 hours before removal and had no evidence of actual usage, both in terms of downloads and dependents. It...

`tracings` was removed from crates.io for malicious code

This is part of an ongoing campaign to attempt to typosquat crates in an attempt to exfiltrate Polymarket credentials. The malicious crate had 1 version published on 2026-02-26 approximately 9 hours before removal and had no evidence of actual usage. The only crate depending on this crate was the...

`polymarket-client-sdks` was removed from crates.io for malicious code

It appeared to be typosquatting existing crate polymarket-client-sdk sdks vs sdk and attempting to steal credentials from local files. The malicious crate had 1 version published on 2026-02-09 and had been downloaded only 33 times. There were no crates depending on this crate on crates.io. Thanks...

Unnecessary clamping of seed reduces seed entropy to 251 bits

The latest releases of the libcrux-ed25519 crate contains the following bug-fix: 1320: Remove duplicated clamping step during key generation The issue fixed in 1320 was first reported by Nadim Kobeissi...

Incorrect X25519 clamping check rejects all secrets on import

The latest releases of the libcrux-psq crate contains the following bug-fix: 1301: Fix broken clamping check for imported X25519 secret keys...

X25519 secret validation did not check buffer length or clamping

The latest releases of the libcrux-ecdh crate contains the following bug-fix: 1301: Check length and clamping in X25519 secret validation. This is a breaking change since errors are now raised on unclamped X25519 secrets or inputs of the wrong length...

matrix-sdk-base: Denial of service due to custom `m.room.join_rules` events

The matrix-sdk-base crate is unable to handle responses that include custom m.room.joinrules values due to a serialization bug. This can be exploited to cause a denial-of-service condition, if a user is invited to a room with non-standard join rules, the crate's sync process will stall, preventin...

`uniswap-utils` was removed from crates.io for malicious code

It depended on the evm-units crate, which appeared to be attempting to steal cryptocurrency...

CGGMP21 presignatures can be used in the way that significantly reduces security

This attack is against presignatures used in very specific context: Presignatures + HD wallets derivation: security level reduces to 85 bits \ Previously you could generate a presignature, and then choose a HD derivation path while issuing a partial signature via Presignature::setderivationpath,...

rand_os crate is unmaintained

The randos crate is deprecated and no longer actively maintained, as OsRng is now part of randcore. If you are using this crate, consider upgrading to randcore 0.5.1 or higher...

tandem_http_client is unmaintained

The tandem crates in https://github.com/sine-fdn are no longer maintained by the SINE Foundation. The repository has been archived. Recommended alternative We are continuing our work on SMPC by implementing our secure multi-party computation engine Polytune...

Lack of sufficient checks in public API

The affected function is unsound due to insufficient checks on public struct field...

`unic-char-range` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - Since version 1.45.0 Rust supports using char with ops::Range, RangeFrom, RangeFull, RangeInclusive, RangeTo to iterate over a range of codepoints...

`unic-ucd` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...

matrix-sdk-base: Panic in the `RoomMember::normalized_power_level()` method

In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min...

Multiple memory corruption vulnerabilities in safe APIs

The crate has the following vulnerabilities: - The public trait arenavec::common::AllocHandle allows the return of raw pointers through its methods allocate and allocateorextend. However, the trait is not marked as unsafe, meaning users of the crate may implement it under the assumption that the...

`xcb::Connection::connect_to_fd*` functions violate I/O safety

The API of xcb::Connection has constructors which allow an arbitrary RawFd to be used as a socket connection. On either failure of these constructors or on the drop of Connection, it closes the associated file descriptor. Thus, a program which uses an OwnedFd such as a UnixStream as the file...

Possible host crash with host-to-wasm component intrinsics

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-4h67-722j-5pmc For more information see the GitHub-hosted security advisory...

Uninitialized read after allocating MemBump

The affected function, MemBump::new, would allocate memory without initializing it. Subsequently calling the created value's various alloc methods would then read and write the start of that memory as a Cell which is undefined behavior. Instead, it should zero initialize the start of the allocate...

Pingora Request Smuggling and Cache Poisoning

Pingora versions prior to 0.5.0 which used the caching functionality in pingora-proxy did not properly drain the downstream request body on cache hits. This allows an attacker to craft malicious HTTP/1.1 requests which could lead to request smuggling or cache poisoning. This flaw was corrected in...

soundness issue and unmaintained

shaman::cryptoutil::writeu64vle and other functions mentioned above cannot garantee memory safety of getunchecked later if both length are zero. shaman is unmaintained...

soundness issue and unmaintained

wrenrust::macros::defaultrealloc lacks sufficient checks to it pointer parameter which passed into free and realloc wrenrust is unmaintained...

`DTriangle` accessors may read out of bounds in affected versions

In affected versions, DTriangle::neighborbyorder and DTriangle::vertexbyorder were public safe functions that accepted an arbitrary order value. These functions used order to access fixed-size internal arrays with getunchecked, without checking whether order was within bounds. Calling these metho...

crossbeam-channel: double free on Drop

The internal Channel type's Drop method has a race which could, in some circumstances, lead to a double-free. This could result in memory corruption. Quoting from the upstream description in merge request \1187: The problem lies in the fact that dicardallmessages contained two paths that could le...

SHA-1 collision attacks are not detected

Summary gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. Details gitoxide uses the sha1smol or sha1 crate, both of which implement standard SHA-1 without any mitigations for collision attacks. This means that two distinct G...

`array-init-cursor` in version 0.2.0 and below is unsound when used with types that implement `Drop`

The Drop implementation will get run twice when using the cursor. This issue does not affect you, if you are using only using the crate with types that are Copy such as u8. This issue also does not affect you, if you are only depending on it through the crate planus...

Safe API can cause heap-buffer-overflow

ffi::nstr should be marked unsafe, since a pointer to a buffer without a trailing 0 value will cause a heap buffer overflow...

The `trust-dns` project has been rebranded to `hickory-dns`

The trust-dns-proto crate is now available as hickory-proto...

Use after free in `Parc` and `Prc` due to missing lifetime constraints

Affected versions of this crate didn't provide sufficient lifetime constraints to conversion functions from alloc::sync::Arc and alloc::rc::Rc, which made it possible to create projections of these reference counted pointers. Unlike the original reference counted pointers, these projections could...

`openpgp-card-sequoia` is unmaintained.

The openpgp-card-sequoia crate is no longer actively maintained. You can use the openpgp-card-rpgp crate for OpenPGP card client functionality instead...

Denial of Service via malicious Web Push endpoint

Prior to version 0.10.3, the built-in clients of the web-push crate eagerly allocated memory based on the Content-Length header returned by the Web Push endpoint. Malicious Web Push endpoints could return a large Content-Length without ever having to send as much data, leading to denial of servic...

ssl::select_next_proto use after free

In openssl versions before 0.10.70, ssl::selectnextproto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the server buffer's lifetime is shorter than the client buffer's, this can cause a use after free. This coul...

libsecp256k1 is unmaintained

The maintainers recommend using k256 instead...

Out of bounds write triggered by crafted coverage data

Function grcov::covdir::getcoverage uses the unsafe function getuncheckedmut without validating that the index is in bounds. This results in memory corruption, and could potentially allow arbitrary code execution provided that an attacker can feed the tool crafted coverage data...

Unsound usages of `core::slice::from_raw_parts`

We consider asslice and asslicemut unsound because: the pointer with any bit patterns could be cast to the slice of arbitrary types. The pointer could be created by unsafe new and deprecated fromparts. We consider that fromparts should be removed in latest version because it will help trigger...

gtk-layer-shell GTK3 bindings - no longer maintained

The gtk-layer-shell GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-layer-shell instead...

`idna` accepts Punycode labels that do not produce any non-ASCII when decoded

idna 0.5.0 and earlier accepts Punycode labels that do not produce any non-ASCII output, which means that either ASCII labels or the empty root label can be masked such that they appear unequal without IDNA processing or when processed with a different implementation and equal when processed with...

gtk-layer-shell-sys GTK3 bindings - no longer maintained

The gtk-layer-shell-sys GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-layer-shell instead...

Undefined behaviour in `kvm_ioctls::ioctls::vm::VmFd::create_device`

An issue was identified in the VmFd::createdevice function, leading to undefined behavior and miscompilations on rustc 1.82.0 and newer due to the function's violation of Rust's pointer safety rules. The function downcasted a mutable reference to its struct kvmcreatedevice argument to an immutabl...