The Rust Security Response Team disclosed Cargo vulnerabilities tracked as CVE-2026-5222 and CVE-2026-5223, highlighting risks in how Rust tooling processes package archives from third-party registries. In the published details for CVE-2026-5223, Cargo was found to mishandle symlinks inside crate tarballs, allowing a malicious crate to overwrite the cached source of another crate from the same registry by extracting files outside its intended cache path. The issue does not affect crates.io, which already blocks crates containing symlinks, but it affects Cargo versions shipped before Rust 1.96.0; the fix rejects extraction of any symlink found in crate tarballs.
The disclosures align with a separate advisory affecting the Rust package astral-tokio-tar, where a PAX header desynchronization bug in versions before 0.6.2 can cause tar archives to be interpreted differently from other implementations. That flaw can let attackers hide or reveal archive members unexpectedly and potentially smuggle files onto a victim filesystem during extraction. Together, the advisories underscore a broader supply-chain risk in Rust archive handling: malformed tar metadata and symlink processing can let malicious packages alter extracted contents in ways developers and automated tooling may not expect. Users are advised to upgrade to fixed releases and, where upgrades are not yet possible, audit registry content and block symlinks in published crates.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
5 events from the most recent confirmed update back to the earliest known activity.
Rust announced that Rust 1.96.0, scheduled for release on 2026-05-28, will fix CVE-2026-5223 by rejecting extraction of any symlink in crate tarballs. Users unable to upgrade were advised to audit registries for symlinks and configure registries to reject them where possible.
The Rust Security Response Team disclosed CVE-2026-5223, a medium-severity Cargo vulnerability affecting users of third-party registries. Cargo incorrectly handled symlinks in crate tarballs, allowing a malicious crate to overwrite another crate's cached source code from the same registry; crates.io users were not affected because symlinks are already forbidden there.
The Rust Security Response Team disclosed CVE-2026-5222, a low-severity Cargo vulnerability caused by incorrect normalization of third-party sparse registry URLs. Under narrow hosting conditions, the flaw could cause Cargo to send a victim's registry token to a malicious registry endpoint; the issue affects Cargo versions shipped from Rust 1.68 through 1.96.
A later GitHub advisory again documented the PAX header desynchronization issue in astral-tokio-tar and stated that the vulnerability is fixed in version 0.6.2 and later. No workaround other than upgrading was provided.
A GitHub security advisory disclosed a PAX header interpretation bug in astral-tokio-tar affecting versions before 0.6.2. The flaw could let attackers smuggle unexpected files during extraction by desynchronizing tar stream processing, and users were advised to upgrade.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
4 references tracked. Mallory keeps watching after this page renders.
blog.rust-lang.org
Open sourceblog.rust-lang.org
Open sourcegithub.com
Open sourcegithub.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.