CVE-2026-41035
Possible ATT&CK Techniques 1AI
T1203 · Exploitation for Client ExecutionGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-41035
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xattrs). On Linux, many (but not all) common configurations are vulnerable. Non-Linux platforms are more widely vulnerable.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
长度参数不一致性处理不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Rsync 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Rsync是RsyncProject开源的一款快速且用途广泛的文件复制工具。用于远程文件和本地文件。 Rsync 3.0.1至3.4.1版本存在安全漏洞,该漏洞源于receive_xattr函数在qsort调用中使用不可信长度值,可能导致接收方释放后重用。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-41035
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-41035
请登录查看更多情报信息。
Mailing List Discussions for CVE-2026-41035 (1)
Other References for CVE-2026-41035 (1)
IV. Related Vulnerabilities
Same product: rsync
- CVE-2026-29518
Rsync < 3.4.3 TOCTOU Race Condition Allows Symlink-Based Arb - CVE-2026-43617
Rsync < 3.4.3 Authorization Bypass via Hostname Resolution - CVE-2026-43618
Rsync < 3.4.3 Integer Overflow Information Disclosure - CVE-2026-43619
Rsync < 3.4.3 Symlink Race Condition via Path-Based Syscalls - CVE-2026-43620
Rsync < 3.4.3 Out-of-Bounds Array Read via recv_files()
Same weakness: CWE-130
- CVE-2026-5766
Potential denial-of-service vulnerability in ASGI requests v - CVE-2026-33846
Gnutls: gnutls: denial of service via heap buffer overflow i - CVE-2026-3868
Moxa EDR-8010 Series和Moxa EDR-G9010 Series 安全漏洞 - CVE-2026-5265
Ovn: ovn: heap over-read in icmp error response generation - - CVE-2026-5367
Ovn: ovn: information disclosure via crafted dhcpv6 packets
V. Comments for CVE-2026-41035
No comments yet