crates.io1904 advisories

crates.io security advisories

Most-affected crates.io packages

wasmtime — 79 advisories
coreutils — 44 advisories
openssl-src — 43 advisories
deno — 38 advisories
surrealdb — 26 advisories
openssl — 24 advisories
ckb — 22 advisories
zebrad — 13 advisories
rustfs — 13 advisories
apollo-router — 13 advisories
pyo3 — 12 advisories
russh — 12 advisories
diesel — 12 advisories
matrix-sdk-crypto — 11 advisories
astral-tokio-tar — 11 advisories
tough — 10 advisories
rustls-webpki — 10 advisories
aws-lc-sys — 10 advisories
tokio — 9 advisories
rusqlite — 9 advisories

Latest crates.io advisories

CVE-2026-55832 — medium · crates.io/tract-onnx
CVE-2026-55093 — medium · crates.io/tract-nnef
CVE-2026-55517 — medium · crates.io/deno
CVE-2026-49401 — medium · crates.io/deno
CVE-2026-49406 — medium · crates.io/deno
CVE-2026-49411 — medium · crates.io/deno
CVE-2026-49440 — high · crates.io/deno
CVE-2026-49402 — high · crates.io/deno
CVE-2026-49983 — medium · crates.io/deno
CVE-2026-49860 — medium · crates.io/deno
CVE-2026-49859 — medium · crates.io/deno
GHSA-3p27-qvp9-27qf — medium · crates.io/wasmtime-wasi
GHSA-chgr-c6px-7xpp — medium · crates.io/pyo3
GHSA-36hh-v3qg-5jq4 — high · crates.io/pyo3
RUSTSEC-2026-0178 — medium · crates.io/tokio-postgres
RUSTSEC-2026-0179 — medium · crates.io/postgres-protocol
RUSTSEC-2026-0180 — medium · crates.io/postgres-protocol
CVE-2026-48110 — high · crates.io/russh
CVE-2026-48108 — medium · crates.io/russh
CVE-2026-48107 — medium · crates.io/russh
GHSA-36hh-v3qg-5jq4 — medium · crates.io/pyo3
GHSA-chgr-c6px-7xpp — medium · crates.io/pyo3
RUSTSEC-2026-0175 — medium · crates.io/onering
CVE-2026-49233 — high · crates.io/routinator
CVE-2026-49235 — high · crates.io/routinator
CVE-2026-49234 — high · crates.io/routinator
RUSTSEC-2026-0173 — medium · crates.io/proc-macro-error2
RUSTSEC-2026-0181 — medium · crates.io/vibeio-http
GHSA-wx3m-whqv-xv47 — high · crates.io/skillctl
CVE-2026-47261 — high · crates.io/wasmtime-wasi
RUSTSEC-2026-0172 — medium · crates.io/diesel
CVE-2026-45057 — medium · crates.io/matrix-sdk-ui
CVE-2026-45056 — medium · crates.io/matrix-sdk-crypto
RUSTSEC-2026-0164 — medium · crates.io/pqcrypto
RUSTSEC-2026-0168 — medium · crates.io/pqcrypto-hqc
RUSTSEC-2026-0169 — medium · crates.io/surf
RUSTSEC-2026-0165 — medium · crates.io/pqcrypto-falcon
RUSTSEC-2026-0162 — medium · crates.io/pqcrypto-traits
RUSTSEC-2026-0163 — medium · crates.io/pqcrypto-internals
RUSTSEC-2026-0160 — medium · crates.io/pqcrypto-sphincsplus

Stateward audits your crates.io dependencies on every pull request and only flags what your code reaches.

Scan my repo

Summarize with AI

ChatGPT Claude Perplexity

Sources: CISA KEV (public domain), OSV.dev & GitHub Advisory Database (CC-BY-4.0), FIRST EPSS, NVD/CWE (public domain). Served live from the Stateward advisory database.