Platform: rust
Component: rssn
Fixed in: 0.2.10, 0.2.9
CVE-2026-30960 represents a critical code injection vulnerability discovered in the rssn Rust library. This flaw allows attackers to inject and execute arbitrary code due to insufficient input validation within the JIT compilation engine, which is exposed through the CFFI. Versions prior to 0.2.9 are affected, and a patch has been released to address the issue.
The impact is severe because the flaw permits code injection. An attacker can use it to execute arbitrary code within the context of the rssn library, potentially gaining complete control over the affected system. The exposed JIT compilation engine and CFFI interface provide a direct pathway for malicious code execution, which could lead to data breaches, system compromise, and lateral movement within the network. The vulnerability's CWE classifications (CWE-94, CWE-754, CWE-20, CWE-695, CWE-269, CWE-15) highlight the multiple contributing factors to its severity.
CVE-2026-30960 was publicly disclosed on 2026-03-08. Its CVSS score of 9.5 (CRITICAL) indicates a high probability of exploitation. As of this writing, there are no publicly available proof-of-concept exploits, but the ease of code injection suggests that one may emerge quickly. It is not currently listed on CISA KEV.
Exploit Status
EPSS: 0.01% (1st percentile)
CISA SSVC
The primary mitigation is to immediately upgrade to rssn version 0.2.9 or later, which contains the fix for this vulnerability. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing strict input validation on any data passed to the rssn library. While a WAF or proxy cannot directly prevent this code injection, they can be configured to monitor for suspicious patterns in requests and responses. There are no specific Sigma or YARA rules available at this time, but monitoring for unexpected code execution within the rssn library's process is recommended. After upgrading, confirm the fix by attempting to trigger the vulnerable code path with malicious input and verifying that it is now properly sanitized.
Update the rssn library to version 0.2.9 or later. This version fixes the arbitrary code execution vulnerability through the CFFI interface. The update will prevent an attacker from exploiting the lack of input validation in JIT instruction generation.
CVE-2026-30960 is a critical code injection vulnerability affecting the rssn Rust library, allowing attackers to execute arbitrary code due to improper input validation in the JIT compilation engine.
You are affected if you are using rssn version 0.2.8 or earlier. Check your project's dependencies to determine if you are using a vulnerable version.
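As a concrete check for the upgrade and dependency advice above, here is an added example (not code from the rssn project or this advisory) that scans a Cargo.lock for the rssn crate and flags any resolved version below 0.2.9, the first fixed release named here; it assumes the standard `[[package]]` layout cargo writes and runs against a constructed sample lockfile.

```rust
// Added example (not from the rssn project or the advisory): scan a Cargo.lock
// for the rssn crate and report whether any resolved version is below 0.2.9,
// the first fixed release named by the advisory. Cargo.lock is TOML; this small
// line parser handles the [[package]] tables cargo emits without a toml crate.

const FIXED_VERSION: [u64; 3] = [0, 2, 9];

/// Parse "MAJOR.MINOR.PATCH" into a triple; pre-release/build suffixes are ignored.
fn parse_semver(v: &str) -> Option<[u64; 3]> {
    let core = v.split(|c| c == '-' || c == '+').next()?;
    let mut parts = core.split('.').map(|p| p.parse::<u64>().ok());
    Some([parts.next()??, parts.next()??, parts.next()??])
}

/// Every resolved version of `crate_name` in a Cargo.lock text (a crate can
/// appear more than once when different dependency trees pin different versions).
fn resolved_versions(lockfile: &str, crate_name: &str) -> Vec<String> {
    let mut found = Vec::new();
    let (mut name, mut version): (Option<String>, Option<String>) = (None, None);
    // The trailing "[[package]]" flushes the last table in the file.
    for line in lockfile.lines().map(str::trim).chain(std::iter::once("[[package]]")) {
        if line == "[[package]]" {
            if let (Some(n), Some(v)) = (name.take(), version.take()) {
                if n == crate_name {
                    found.push(v);
                }
            }
        } else if let Some(rest) = line.strip_prefix("name = ") {
            name = Some(rest.trim_matches('"').to_string());
        } else if let Some(rest) = line.strip_prefix("version = ") {
            version = Some(rest.trim_matches('"').to_string());
        }
    }
    found
}

/// True if any resolved rssn version is older than the fixed release.
fn rssn_is_vulnerable(lockfile: &str) -> bool {
    resolved_versions(lockfile, "rssn")
        .iter()
        .filter_map(|v| parse_semver(v))
        .any(|v| v < FIXED_VERSION)
}

/// Constructed sample lockfile (not from any real project) pinning rssn 0.2.8.
const SAMPLE_LOCK: &str = "version = 3\n\n[[package]]\nname = \"rssn\"\nversion = \"0.2.8\"\nsource = \"registry+https://github.com/rust-lang/crates.io-index\"\n\n[[package]]\nname = \"serde\"\nversion = \"1.0.200\"\n";

fn main() {
    let versions = resolved_versions(SAMPLE_LOCK, "rssn");
    println!("rssn {:?}: vulnerable = {}", versions, rssn_is_vulnerable(SAMPLE_LOCK));
}
```

Point the function at your real Cargo.lock (read with `std::fs::read_to_string`) and treat a `true` result as a signal to upgrade.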
Upgrade to rssn version 0.2.9 or later to remediate the vulnerability. If upgrading is not immediately possible, implement strict input validation.
While no public exploits are currently available, the vulnerability's severity and ease of exploitation suggest that it may be targeted in the future.
Refer to the rssn project's official repository or website for the latest security advisories and updates regarding CVE-2026-30960.