Package impact
Go / github.com/rclone/rclone
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-41179 | critical | 9.8 | 9.8 | 1mo ago | RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution | |
| CVE-2026-41176 | critical | — | 9.5 | 1mo ago | Rclone: Unauthenticated options/set allows runtime auth bypass, leading to sensitive operations and command execution | |
| CVE-2020-28924 | medium | — | 5.5 | 5y ago | An issue was discovered in Rclone before 1.53.3. Due to the use of a weak random number generator, the password generator has been producing weak passwords with much less entropy than advertised. The… | |
| CVE-2024-52522 | unknown | — | — | 2y ago | Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Insecure handling of symlinks with --links and --metadata in rclone while copying to loca… |