RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability

RustDesk Client for Windows contains a local information disclosure vulnerability (CVE-2026-2490) that allows attackers with low-privileged code execution to access sensitive information on the affected system. An attacker must already have some level of access to the target machine to exploit this flaw, limiting its impact to scenarios where an initial compromise has already occurred. Security teams should prioritize patching RustDesk installations and implementing strict access controls to prevent unauthorized code execution on systems running the affected client.