Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.2
HexChat Crate Can Crash Your Application
GHSA-x43w-ph7m-pfjx
Summary
The HexChat crate has a bug that can cause a program to crash. This crate is no longer being updated or supported, so it's recommended to switch to a different library. If you're using this crate, consider replacing it with an alternative to keep your application running smoothly.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | hexchat | <= 0.6.3 | – |
Original title
hexchat crate has a Use After Free vulnerability
Original description
All versions of this crate have function `deregister_command` which can result in use after free. This is unsound.
In addition, all versions since 0.3.0 have "safe" macros, which are documented as unsafe to use in threads.
In addition, the `hexchat` crate is no longer actively maintained. If users rely on this crate, consider switching to an alternative.
In addition, all versions since 0.3.0 have "safe" macros, which are documented as unsafe to use in threads.
In addition, the `hexchat` crate is no longer actively maintained. If users rely on this crate, consider switching to an alternative.
ghsa CVSS4.0
7.2
Vulnerability type
CWE-416
Use After Free
Published: 25 Feb 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026