CVE-2026-30794 - RustDesk HTTP Client Silently Accepts Invalid TLS Certificates After Handshake F...

CVE ID : CVE-2026-30794 Published : March 5, 2026, 4:16 p.m. | 1 hour, 20 minutes ago Description : Improper Certificate Validation vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (HTTP API client, TLS transport modules) allows Adversary in the Middle (AiTM). This vulnerability is associated with program files src/hbbs_http/http_client.Rs and program routines TLS retry with danger_accept_invalid_certs(true). This issue affects RustDesk Client: through 1.4.5. Severity: 9.1 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...