Browse all 6 CVE security advisories affecting tokio-rs. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25541 | Bytes is vulnerable to integer overflow in BytesMut::reserve — bytesCWE-680 | 9.4AI | CriticalAI | 2026-02-04 |
| CVE-2025-58160 | Tracing logging user input may result in poisoning logs with ANSI escape sequences — tracingCWE-150 | 7.1 | - | 2025-08-29 |
| CVE-2025-55159 | slab allows out-of-bounds access in `get_disjoint_mut` due to incorrect bounds check — slabCWE-119 | 8.1AI | HighAI | 2025-08-11 |
| CVE-2024-27308 | Mio's tokens for named pipes may be delivered after deregistration — mioCWE-416 | 7.5 | High | 2024-03-06 |
| CVE-2023-22466 | Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe — tokioCWE-665 | 5.4 | Medium | 2023-01-04 |
| CVE-2022-3212 | DoS in axum-core due to missing request size limit — axum-coreCWE-770 | 7.5 | High | 2022-09-14 |
This page lists every published CVE security advisory associated with tokio-rs. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.