A vulnerability has been found in RsyncProject rsync up to 3.4.2 and classified as problematic . Affected by this vulnerability is the function recv_files of the file receiver.c . Performing a manipulation results in out-of-bounds read. This vulnerability is known as CVE-2026-43620 . Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.