1. Critical Symlink Vulnerability in Tokio-Tar Library Enables Arbitrary Directory Permission Manipulation
A critical security flaw in the astral-tokio-tar archive library allows maliciously crafted tar archives to modify directory permissions outside the intended extraction hierarchy. The vulnerability, catalogued as RUSTSEC-2026-0113, affects all versions through 0.6.0 and exposes systems to arbitrary permission changes o...