
rclone CVE-2026-49980

Severity: Critical (NVD 9.8, disputed)
Weakness: Missing Authentication for Critical Function (CWE-306)
Published: 2026-06-16 · https://github.com/rclone/rclone · GHSA-qw24-gh76-8rvv

Severity by source

Sources disagree (Medium–Critical)
GitHub Advisory PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
9.8 CRITICAL

Network-reachable rc listener with no authentication when `--rc-serve` is set yields PR:N/UI:N/AC:L; arbitrary command execution as the rclone user gives C/I/A:H.

CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 4.0: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative

vuln.today treats the vendor’s rating as authoritative. A higher third-party CVSS (e.g. CISA-ADP) is shown for transparency but does not drive the headline severity.

CVSS Vector (GitHub Advisory)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Source Code Evidence Fetched: Jun 17, 2026 00:16 (vuln.today)
Analysis Generated: Jun 17, 2026 00:16 (vuln.today)
CVE Published: Jun 16, 2026 23:39 (github-advisory)

Description (GitHub Advisory)

Summary

rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form:

    /[remote:path]/object

The remote value is parsed from the URL and passed to normal backend initialization. Inline remote configuration can set backend options that execute local commands during initialization. As a result, a single unauthenticated GET or HEAD request can execute a command as the rclone process user.

Versions from 1.55.0 onwards are vulnerable to command execution. Earlier versions (from 1.46.0) are vulnerable to the unauthenticated local file read described under "Additional impact" but not to command execution, because inline backend option overrides did not exist until 1.55.0.

Preconditions

Preconditions for this vulnerability are:

  • The rclone remote control API must be enabled, either by the --rc flag or by running the rclone rcd server
  • The remote control API must be reachable by the attacker - by default rclone only serves the rc to localhost unless the --rc-addr flag is in use
  • The rc must have been deployed without global RC HTTP authentication - so not using --rc-user/--rc-pass/--rc-htpasswd/etc
  • The --rc-serve flag must be in use

Impact

An unauthenticated network attacker who can reach the RC HTTP listener can execute commands as the rclone process user.

Additional impact observed during testing:

  • GET and HEAD both trigger backend initialization.
  • The same path allows unauthenticated local file read through inline local remotes.
  • Inline global.* options can mutate process-wide rclone configuration, including global.http_proxy.
  • Browser subresource requests can also trigger the issue against a localhost-only RC listener. In testing, Firefox triggered the payload from a public HTTPS page containing only an <img> tag pointing at http://127.0.0.1:5572/.... This is an additional impact multiplier, not the primary attack precondition.

Mitigations / Workarounds

  • Upgrade to rclone 1.74.3 (or 1.75.0 when released).
  • Or, configure HTTP authentication on the rc with --rc-user/--rc-pass or --rc-htpasswd, which has always been the recommended deployment.

  • Or, do not use --rc-serve if file serving is not needed.
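To check the preconditions and mitigations listed above against an actual deployment, here is an added example (not rclone's code and not part of the advisory): it audits an rclone command line for the four preconditions and the advisory's affected version range, and reports which mitigation applies. It assumes rclone's default rc address is localhost:5572, consistent with the advisory's statement that the rc is served only to localhost unless --rc-addr is set.

```python
import shlex
from dataclasses import dataclass, field
# Flag names and version bounds are the ones the advisory above quotes.
AUTH_FLAGS = ("--rc-user", "--rc-pass", "--rc-htpasswd")
FIRST_RCE_VERSION, FIXED_VERSION = (1, 55, 0), (1, 74, 3)
LOOPBACK_HOSTS = {"localhost", "127.0.0.1", "[::1]", "::1"}

@dataclass
class RcAudit:
    rc_enabled: bool      # --rc flag or the rcd subcommand
    rc_serve: bool        # --rc-serve present
    authenticated: bool   # any of AUTH_FLAGS present
    exposed: bool         # --rc-addr bound beyond loopback
    findings: list = field(default_factory=list)

def _flag_set(args, name):
    return any(a == name or a.startswith(name + "=") for a in args)

def _flag_value(args, name, default):
    # Value of '--flag=v' or '--flag v', else the default.
    for i, a in enumerate(args):
        if a.startswith(name + "="):
            return a.split("=", 1)[1]
        if a == name and i + 1 < len(args):
            return args[i + 1]
    return default

def version_in_rce_range(version):
    """Command execution affects 1.55.0 <= version < 1.74.3 per the advisory."""
    v = tuple(int(p) for p in version.lstrip("v").split(".")[:3])
    return FIRST_RCE_VERSION <= v < FIXED_VERSION

def audit_rclone_cmdline(cmdline, version):
    args = shlex.split(cmdline)
    # Assumption: rclone's default --rc-addr is localhost:5572.
    addr = _flag_value(args, "--rc-addr", "localhost:5572")
    a = RcAudit(
        rc_enabled=_flag_set(args, "--rc") or args[1:2] == ["rcd"],
        rc_serve=_flag_set(args, "--rc-serve"),
        authenticated=any(_flag_set(args, f) for f in AUTH_FLAGS),
        exposed=addr.rsplit(":", 1)[0] not in LOOPBACK_HOSTS,
    )
    if a.rc_enabled and a.rc_serve and not a.authenticated:
        a.findings.append("rc serves files without HTTP auth: set --rc-user/--rc-pass "
                          "or --rc-htpasswd, or drop --rc-serve")
        a.findings.append("listener bound beyond loopback: restrict --rc-addr" if a.exposed
                          else "loopback-only, yet reachable via browser subresource requests")
        if version_in_rce_range(version):
            a.findings.append("version in affected range: upgrade to rclone 1.74.3")
    return a
```

Feed it the command lines of running rclone processes (for example from `ps` output) together with `rclone version`; an empty findings list means none of the advisory's preconditions are met.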

The Fix

The vulnerabilities in this advisory have been fixed by two commits:

  • rc: fix unauthenticated command execution via --rc-serve inline remotes
  • rc: stop global.* connection string options changing config

Analysis (AI)

Unauthenticated remote command execution in rclone's remote control daemon (rcd) affects versions 1.55.0 through 1.74.2 when started with --rc-serve and without HTTP authentication. A single GET or HEAD request to /[remote:path]/object triggers backend initialization with attacker-controlled inline remote options, executing commands as the rclone process user. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Identify exposed rclone rcd `--rc-serve` listener
Delivery: Craft URL with inline remote and command option
Exploit: Send unauthenticated GET/HEAD to `/[remote:path]/object`
Execution: Backend initialization parses inline options
Persist: rclone spawns attacker command as process user
Impact: Establish persistence or pivot from host

Vulnerability Assessment (AI)

Exploitation: The rclone remote control API must be running (`--rc` flag or `rclone rcd`), the `--rc-serve` flag must be enabled, and the listener must have been started without any of `--rc-user`, `--rc-pass`, or `--rc-htpasswd` (no global RC HTTP authentication). …
Risk Assessment: The CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) is consistent with the description: network-reachable, no privileges, no user interaction, and full RCE on the host as the rclone user. …
Exploit Scenario: An attacker on the same network (or on a public web page visited by a developer running rcd locally) sends a GET request such as `http://target:5572/[:local,command=...]/anything`, where the inline `local` backend uses a connection-string option that triggers command execution during backend initialization. The rcd handler accepts the unauthenticated request, parses the bracketed remote, and the backend init spawns the attacker's command as the rclone process user, yielding full code execution. …
Remediation: Vendor-released patch: upgrade to rclone 1.74.3 (or 1.75.0 when released) per advisory GHSA-qw24-gh76-8rvv (https://github.com/rclone/rclone/security/advisories/GHSA-qw24-gh76-8rvv). …

Recommended Action (AI)

Within 24 hours: Identify all rclone deployments using --rc-serve; verify HTTP authentication is enabled; if the remote control daemon is exposed without authentication, immediately restrict network access to trusted internal networks only or disable --rc-serve. …


Vendor Status

SUSE

Severity: Moderate
Product status:
  • SUSE Package Hub 15 SP7: Fixed
  • openSUSE Tumbleweed: Fixed
  • SUSE Package Hub 15 SP7: Affected
