These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-30798 is a HIGH-severity vulnerability (CVSS Score: 8.2) affecting RustDesk Client versions through 1.4.8 on multiple platforms (Windows, MacOS, Linux, iOS, Android). The issue stems from Insufficient Verification of Data Authenticity and Improper Handling of Exceptional Conditions in the heartbeat sync loop and strategy processing modules. This vulnerability, associated with program files src/hb [truncated]
CVE-2026-30796 is a Cleartext Transmission of Sensitive Information and Insufficiently Protected Credentials vulnerability in RustDesk Client on multiple platforms. The vulnerability allows for Sniffing Attacks due to the transmission of the preset address-book password in cleartext within the heartbeat sync JSON body. This issue affects RustDesk Client versions up to 1.4.8 and is associated with program [truncated]
CVE-2026-30794 is a CRITICAL Improper Certificate Validation vulnerability in RustDesk Client on Windows, MacOS, Linux, iOS, Android. The vulnerability allows for Adversary in the Middle (AiTM) attacks. It affects RustDesk Client through version 1.4.8, specifically in the HTTP API client and TLS transport modules. The CVSS score is 9.1, indicating a high severity. Defenders should prioritize patching due [truncated]
The CVE-2026-30792 vulnerability is a high-severity issue (CVSS Score: 8.3) affecting RustDesk Client versions through 1.4.8 on multiple platforms including Windows, MacOS, Linux, iOS, Android, and WebClient. This vulnerability allows for Application API Message Manipulation via Man-in-the-Middle attacks, primarily due to weaknesses in the Strategy sync, HTTP API client, and config options engine modules. [truncated]
CVE-2026-30790 is a critical vulnerability in RustDesk Client that allows for interception and offline password brute forcing due to the use of a password hash with insufficient computational effort. The vulnerability affects RustDesk Client versions through 1.4.8 and is associated with program files src/client.rs and src/common.rs. The controlled-host peer authentication channel is not affected, but the [truncated]
CVE-2026-30789 is a critical vulnerability in RustDesk Client affecting Windows, MacOS, Linux, iOS, and Android platforms. It allows for Authentication Bypass by Capture-replay and Use of Password Hash With Insufficient Computational Effort, specifically through reusing session IDs (Session Replay). This issue impacts client login and peer authentication modules, associated with program files src/client.R [truncated]
CVE-2026-30783 is a Privilege Abuse vulnerability affecting RustDesk Client versions up to 1.4.8 across Windows, MacOS, Linux, iOS, Android, and WebClient. The issue lies in modules such as Client signaling, API sync loop, and config management, specifically in program files src/rendezvous_mediator.Rs and src/hbbs_http/sync.Rs. With a CVSS score of 4.8, this medium-severity vulnerability requires local ac [truncated]
