PatchSiren

RustCrypto CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW RustCrypto CVE published 2026-07-17

CVE-2026-50185

A low-severity vulnerability was found in RustCrypto CMOV, affecting aarch64 implementations of Cmov and CmovEq. The issue, fixed in version 0.5.4, can cause incorrect output when high bits are set in Cmov selectors or operands. This vulnerability has a CVSS score of 2.0 and is considered low-severity. The CVE record was published on 2026-07-17T19:17:16.370Z and has not been modified since then.