1. astral-tokio-tar Archive Library Flaw Allows External Directory Permission Manipulation
A set of security advisories has been published against the astral-tokio-tar Rust library, flagging multiple vulnerabilities in version 0.6.0 that could allow attackers to manipulate directory permissions outside the intended archive extraction boundary. The most prominently documented flaw, tracked as RUSTSEC-2026-011...