Cargo flaws expose Rust third-party registries to crate cache overwrite and tar smuggling
The Rust Security Response Team disclosed Cargo vulnerabilities tracked as CVE-2026-5222 and CVE-2026-5223, highlighting risks in how Rust tooling processes package archives from third-party registries. In the published details for CVE-2026-5223, Cargo was found to mishandle symlinks inside crate tarballs, allowing a malicious crate to overwrite the cached source of another crate from the same registry by extracting files outside its intended cache path. The issue does not affect crates.io, which already blocks crates containing symlinks, but it affects Cargo versions shipped before Rust 1.96.0; the fix rejects extraction of any symlink found in crate tarballs.
The disclosures align with a separate advisory affecting the Rust package astral-tokio-tar, where a PAX header desynchronization bug in versions before 0.6.2 can cause tar archives to be interpreted differently from other implementations. That flaw can let attackers hide or reveal archive members unexpectedly and potentially smuggle files onto a victim filesystem during extraction. Together, the advisories underscore a broader supply-chain risk in Rust archive handling: malformed tar metadata and symlink processing can let malicious packages alter extracted contents in ways developers and automated tooling may not expect. Users are advised to upgrade to fixed releases and, where upgrades are not yet possible, audit registry content and block symlinks in published crates.
How this story unfolded
5 events from the most recent confirmed update back to the earliest known activity.
Rust 1.96.0 scheduled to fix Cargo symlink handling issue
Rust announced that Rust 1.96.0, scheduled for release on 2026-05-28, will fix CVE-2026-5223 by rejecting extraction of any symlink in crate tarballs. Users unable to upgrade were advised to audit registries for symlinks and configure registries to reject them where possible.
Rust discloses Cargo symlink vulnerability CVE-2026-5223
The Rust Security Response Team disclosed CVE-2026-5223, a medium-severity Cargo vulnerability affecting users of third-party registries. Cargo incorrectly handled symlinks in crate tarballs, allowing a malicious crate to overwrite another crate's cached source code from the same registry; crates.io users were not affected because symlinks are already forbidden there.
Rust discloses Cargo registry token leak vulnerability CVE-2026-5222
The Rust Security Response Team disclosed CVE-2026-5222, a low-severity Cargo vulnerability caused by incorrect normalization of third-party sparse registry URLs. Under narrow hosting conditions, the flaw could cause Cargo to send a victim's registry token to a malicious registry endpoint; the issue affects Cargo versions shipped from Rust 1.68 through 1.96.
Updated astral-tokio-tar advisory notes fix in version 0.6.2
A later GitHub advisory again documented the PAX header desynchronization issue in astral-tokio-tar and stated that the vulnerability is fixed in version 0.6.2 and later. No workaround other than upgrading was provided.
astral-tokio-tar advisory discloses PAX header desynchronization flaw
A GitHub security advisory disclosed a PAX header interpretation bug in astral-tokio-tar affecting versions before 0.6.2. The flaw could let attackers smuggle unexpected files during extraction by desynchronizing tar stream processing, and users were advised to upgrade.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
4 references tracked. Mallory keeps watching after this page renders.
Security Advisory for Cargo (CVE-2026-5222) | Rust Blog
blog.rust-lang.org
Open sourceSecurity Advisory for Cargo (CVE-2026-5223) | Rust Blog
blog.rust-lang.org
Open sourcePAX Header Desynchronization in astral-tokio-tar · Advisory · astral-sh/tokio-tar · GitHub
github.com
Open sourcePAX Header Desynchronization in astral-tokio-tar · Advisory · astral-sh/tokio-tar · GitHub
github.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Remote Code Execution Vulnerability in Async-Tar and Forked Rust Libraries
A high-severity vulnerability, tracked as CVE-2025-62518 and codenamed TARmageddon, was discovered in the async-tar Rust library and its numerous forks, including tokio-tar, astral-tokio-tar, krata-tokio-tar, and others. The flaw, which carries a CVSS score of 8.1, allows for remote code execution (RCE) through file overwriting attacks, such as replacing configuration files or hijacking build backends. The vulnerability stems from inconsistent handling of PAX extended headers and ustar headers when determining file data boundaries, specifically when processing archives with PAX-extended headers containing size overrides. This parsing error enables attackers to smuggle additional archive entries by exploiting the mismatch, causing the parser to interpret file content as legitimate TAR headers. The async-tar library and its forks are widely used in critical tools and environments, including the uv Python package manager, testcontainers, and wasmCloud, amplifying the potential impact of the flaw. The most popular fork, tokio-tar, has over 5 million downloads on crates.io but is no longer maintained, increasing the risk as users may not receive timely patches. Edera, the security company that discovered the vulnerability in August 2025, highlighted the systemic risk posed by the open-source abandonware crisis, as the bug was inherited by a deep lineage of forks after the original project became unmaintained. Edera created and distributed patches for active forks, with astral-tokio-tar releasing version 0.5.6 to remediate the issue. However, users of unmaintained forks like tokio-tar are advised to migrate to patched alternatives such as astral-tokio-tar. The vulnerability's discovery underscores the challenges in tracking and patching security flaws in widely forked and abandoned open-source projects. The flaw's presence in foundational libraries for async archive processing in the Rust ecosystem means that build systems and production environments across many organizations could be at risk. Security experts warn that the lack of visibility into the use of these libraries further complicates mitigation efforts. The incident has reignited discussions about the need for better maintenance and oversight of critical open-source infrastructure. Organizations relying on affected libraries are urged to assess their exposure and implement available patches or migrate to maintained alternatives immediately. The coordinated disclosure and patching efforts by Edera aimed to minimize the window of exploitation before public announcement. This event highlights the importance of proactive vulnerability management and the risks associated with relying on unmaintained open-source components.
Mar 21, 2026
GNU tar Hidden File Injection Flaw Lets Archives Bypass Pre-Extraction Listing
A flaw in **GNU tar 1.35** allows a crafted archive to show one set of contents during listing while extracting additional hidden files. The issue stems from a desynchronization between `tar -t` and `tar -x`: listing respects the size field for certain non-data-bearing typeflags and skips data blocks, while extraction ignores that size field and treats those same blocks as additional headers. The behavior affects **symlink, character device, block device, and FIFO** entries, but not directory entries, enabling hidden file injection with an archive reportedly smaller than 3 KB. The vulnerability was disclosed on the **oss-sec** mailing list by Guillermo de Angel, with **Red Hat reportedly assigning `CVE-2026-5704`**. Follow-up discussion pointed to a patch from **Paul Eggert** published on the GNU tar mailing list and in the tar source repository, and noted that a similar report had already appeared on the bug-tar mailing list. The flaw creates risk for security workflows that rely on archive inspection before extraction, because files omitted from `tar -t` output may still be written when the archive is unpacked.
Apr 13, 2026
rust-openssl Flaws Enable Memory Disclosure and Buffer Overwrite
Two high-severity vulnerabilities were disclosed in **rust-openssl**, the Rust bindings for OpenSSL, affecting multiple `0.9.x` and `0.10.x` releases prior to **`0.10.78`**. **`CVE-2026-41898`** affects versions from `0.9.24` up to, but not including, `0.10.78`, where several FFI trampoline callback paths passed a closure-returned `usize` to OpenSSL without validating it against the output buffer size. The flaw can trigger buffer overflows and leak adjacent memory to a network peer, and it is mapped to **`CWE-126`** and **`CWE-130`**. A second issue, **`CVE-2026-41681`**, affects versions from `0.10.39` up to, but not including, `0.10.78`, in `MdCtxRef::digest_final()`, which writes `EVP_MD_CTX_size(ctx)` bytes to the caller buffer without checking whether the buffer is large enough. The resulting out-of-bounds write can cause stack corruption and is reachable from safe Rust, with the weakness classified as **`CWE-121`**. Both vulnerabilities were addressed in **`rust-openssl 0.10.78`**, with public advisories, code references, and fix details released alongside the CVE records.
Apr 25, 2026