"Two independent groups of researchers have identified a total of 6

vulnerabilities in rsync. In the most severe CVE, an attacker only requires

anonymous read access to a rsync server, such as a public mirror, to

execute arbitrary code on the machine the server is running on."

https://seclists.org/oss-sec/2025/q1/16

#security #cybersecurity #rsync