| glibc | 2.43-r6 | HIGH | CVE-2026-5928 | n/a | Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte |
| rustls-webpki | 0.102.8 | HIGH | GHSA-82j2-j2ch-gfr8 | 0.103.13 | rustls-webpki: Denial of service via panic on malformed CRL BIT STRING |
| rustls-webpki | 0.103.3 | HIGH | GHSA-82j2-j2ch-gfr8 | 0.103.13 | rustls-webpki: Denial of service via panic on malformed CRL BIT STRING |
| rustls-webpki | 0.102.8 | MEDIUM | GHSA-pwjx-qhcg-rvj4 | 0.103.10 | webpki: CRLs not considered authoritative by Distribution Point due to faulty matching logic |
| rustls-webpki | 0.103.3 | MEDIUM | GHSA-pwjx-qhcg-rvj4 | 0.103.10 | webpki: CRLs not considered authoritative by Distribution Point due to faulty matching logic |
| rand | 0.8.5 | LOW | GHSA-cq8v-f236-94qc | 0.8.6 | Rand is unsound with a custom logger using rand::rng() |
| rand | 0.9.2 | LOW | GHSA-cq8v-f236-94qc | 0.9.3 | Rand is unsound with a custom logger using rand::rng() |
| rustls-webpki | 0.102.8 | LOW | GHSA-965h-392x-2mh5 | 0.103.12 | webpki: Name constraints for URI names were incorrectly accepted |
| rustls-webpki | 0.102.8 | LOW | GHSA-xgp8-3hg3-c2mh | 0.103.12 | webpki: Name constraints were accepted for certificates asserting a wildcard name |
| rustls-webpki | 0.103.3 | LOW | GHSA-965h-392x-2mh5 | 0.103.12 | webpki: Name constraints for URI names were incorrectly accepted |
| rustls-webpki | 0.103.3 | LOW | GHSA-xgp8-3hg3-c2mh | 0.103.12 | webpki: Name constraints were accepted for certificates asserting a wildcard name |