Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.1
RustDesk Client on Multiple Platforms Fails to Validate Certificates
CVE-2026-30794
Summary
RustDesk Client, a remote desktop app, has a security flaw that allows an attacker to intercept and read sensitive information. This affects the client on Windows, MacOS, Linux, iOS, and Android, and you should update to a fixed version to prevent unauthorized access to your remote desktop sessions.
Original title
Improper Certificate Validation vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (HTTP API client, TLS transport modules) allows Adversary in ...
Original description
Improper Certificate Validation vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (HTTP API client, TLS transport modules) allows Adversary in the Middle (AiTM). This vulnerability is associated with program files src/hbbs_http/http_client.Rs and program routines TLS retry with danger_accept_invalid_certs(true).
This issue affects RustDesk Client: through 1.4.5.
This issue affects RustDesk Client: through 1.4.5.
nvd CVSS4.0
9.1
Vulnerability type
CWE-295
Improper Certificate Validation
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026