A vulnerability marked as problematic has been reported in RsyncProject rsync up to 3.4.2 . The affected element is an unknown function. The manipulation leads to time-of-check time-of-use. This vulnerability is referenced as CVE-2026-29518 . The attack can only be performed from a local environment. No exploit is available. It is suggested to upgrade the affected component.