CVE-2025-10158: Rsync: Out of bounds array access via negative index

Overview

Severity

Medium (CVSS 5.4)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L/E:U

Exploit Status

Not Exploited

Patch Tuesday

2025-Nov

Released

2025-11-19

Last Updated

2025-12-07

EPSS Score

0.07% (percentile: 20.3%)

Affected Products (4)

Other

• 17490-17084
• 20732-17084
• 17120-17086
• 20706-17086

Revision History

• 2025-11-19: Information published.
• 2025-11-20: Information published.
• 2025-11-23: Information published.
• 2025-11-24: Information published.
• 2025-11-25: Information published.
• 2025-12-06: Information published.
• 2025-12-07: Information published.