rust
Security Risk Profile
35
/100
lowSecurity Risk Score
Comprehensive risk assessment based on 158 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from September 13, 2018 to present
158
Total CVEs
12
Critical+High
0
Exploited
10
Unpatched
Threat Assessment
Avg CVSS
6.5
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
10
Critical/High
Risk Level
35/100
low
🆕 2Fresh (<7d)📈 2 in Last 30 Days
Severity Distribution
Critical
5High
7Medium
12Low
1Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
7Age Distribution
Common Weaknesses (CWE)
1
Null Pointer Dereference
3
2
Integer Overflow
3
3
Use After Free
2
4
Race Condition
2
5
OS Command Injection
2
Most Affected Products
1. Rust Rust129
2. Rust rust-ffmpeg5
3. Meh.schizofreni Rust-ffmpeg5
4. Rust Cargo3
5. Fedoraproject Fedora3
Recent Vulnerabilities
See more →CVE-2026-5223
unknown
Crates in third party registries can override the cached source of other crates
5/25/2026
CVE-2026-5222
unknown
Cargo can be coerced to share credentials between registries
5/25/2026
EOL-rust-1.95
unknown
4/16/2026
EOL-rust-1.94
unknown
3/6/2026
EOL-rust-1.93
unknown
1/22/2026
https://seclists.org/oss-sec/2025/q4/347
unknown
Best practices for signatuverifcation
12/31/2025🔧 No Patch
EOL-rust-1.92
unknown
12/11/2025
EOL-rust-1.91
unknown
10/30/2025
https://www.bleepingcomputer.com/news/security/tarmageddon-flaw-in-abandoned-rust-library-enables-rce-attacks/
unknown
TARmageddon flaw in abandoned Rust library enables RCE attacks
10/22/2025🔧 No Patch
https://www.theregister.com/2025/10/22/vulnerable_rust_crate/
unknown
Forking confusing: Vulnerable Rust crate exposes uv Python packager
10/22/2025🔧 No Patch
Monitor rust in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.