Skip to content

rustdesk/rustdesk

v1.4.7 Security

This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 1d Network Security
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 2 known CVEs

Topics

android anydesk dart flatpak flutter flutter-apps
+13 more
ios linux macos p2p rdp remote-control remote-desktop rust rust-lang teamviewer vnc wayland windows

Affected surfaces

auth

Summary

AI summary

Broad release touches For more downloads, android, ipc, and linux.

Changes in this release

Security High

Adds brute-force protection for one-time password.

Adds brute-force protection for one-time password.

Source: llm_adapter@2026-06-03

Confidence: high
Security High

Hardens OS password anti-brute-force for terminal windows and headless Linux.

Hardens OS password anti-brute-force for terminal windows and headless Linux.

Source: llm_adapter@2026-06-03

Confidence: high
Security High

Hardens local IPC authorization and portable‑service bootstrap flow.

Hardens local IPC authorization and portable‑service bootstrap flow.

Source: llm_adapter@2026-06-03

Confidence: high
Feature Medium

Adds advanced CLI option to allow settings when custom client toggles Disable settings.

Adds advanced CLI option to allow settings when custom client toggles Disable settings.

Source: llm_adapter@2026-06-03

Confidence: high
Feature Medium

Adds option to enable privacy mode and permanent change in accept window.

Adds option to enable privacy mode and permanent change in accept window.

Source: llm_adapter@2026-06-03

Confidence: high
Feature Medium

Adds ability to drag the whole toolbar and snap it to all four edges of the remote session window.

Adds ability to drag the whole toolbar and snap it to all four edges of the remote session window.

Source: llm_adapter@2026-06-03

Confidence: low
Feature Medium

Adds Android device deployment flow.

Adds Android device deployment flow.

Source: llm_adapter@2026-06-03

Confidence: low
Feature Medium

Adds option to hide stop‑service UI when the service is running.

Adds option to hide stop‑service UI when the service is running.

Source: llm_adapter@2026-06-03

Confidence: low
Feature Low

Allows dragging whole toolbar and snapping to window edges.

Allows dragging whole toolbar and snapping to window edges.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Feature Low

Enables macOS monitor switching in privacy mode.

Enables macOS monitor switching in privacy mode.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Feature Low

Implements callbacks to change theme and language.

Implements callbacks to change theme and language.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Medium

Fixes file‑transfer path traversal vulnerability.

Fixes file‑transfer path traversal vulnerability.

Source: llm_adapter@2026-06-03

Confidence: high
Bugfix Medium

Fixes Android session closure on dispose to prevent reconnect wedges.

Fixes Android session closure on dispose to prevent reconnect wedges.

Source: llm_adapter@2026-06-03

Confidence: low
Bugfix Low

Encrypts passwords securely.

Encrypts passwords securely.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Disables mobile deeplink by default for security.

Disables mobile deeplink by default for security.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Stops retrying on restricted mobile access errors.

Stops retrying on restricted mobile access errors.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Adds Wayland clipboard input prompt handling.

Adds Wayland clipboard input prompt handling.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Fixes IPC routing scope for active‑user requests.

Fixes IPC routing scope for active‑user requests.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Corrects MSI uninstall behavior by checking install folder and removing files.

Corrects MSI uninstall behavior by checking install folder and removing files.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Restores directory after file transfer reconnect.

Restores directory after file transfer reconnect.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Removes unsafe exec() call in wf_cliprdr.c.

Removes unsafe exec() call in wf_cliprdr.c.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Addresses Android image‑waiting issue causing stalls.

Addresses Android image‑waiting issue causing stalls.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Improves terminal UTF‑8 handling on reconnect.

Improves terminal UTF‑8 handling on reconnect.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Fixes Sciter control side behavior in privacy mode.

Fixes Sciter control side behavior in privacy mode.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Resolves Safari OIDC authentication issue.

Resolves Safari OIDC authentication issue.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Enables mouse side buttons in remote Linux sessions.

Enables mouse side buttons in remote Linux sessions.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Debounces X11 keyboard grab and focus feedback on the client.

Debounces X11 keyboard grab and focus feedback on the client.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Improves Flutter address book error handling.

Improves Flutter address book error handling.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Adjusts Flutter IME capitalization after one‑shot input.

Adjusts Flutter IME capitalization after one‑shot input.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Corrects Windows executable icon path.

Corrects Windows executable icon path.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Bugfix Low

Fixes Sciter clipboard handling on COSMIC/DMA‑BUF portals for screencast.

Fixes Sciter clipboard handling on COSMIC/DMA‑BUF portals for screencast.

Source: granite4.1:30b@2026-06-03-audit

Confidence: low
Full changelog

| Architecture | Windows | Ubuntu | Mac | Android | Flatpak | iOS | Web |
|--------------|---------|--------|-----|----------|---------|---------|---------|
| x86-64 (64-bit) | EXE   MSI | Download | Download | Universal | Download | | Go |
| AArch64 (ARM64) | | Download | Download | Download | Download | App Store | |
| ARMv7 (32-bit) | | Download | | Download | | |
| x86-32 (32-bit) | EXE (Legacy)| | | | | |

For more downloads (Fedora / Arch Linux / Suse / AppImage): check below please

For the latest features: check out the nightly build

Changelog

Changelog

Added

Changes

Fixes

Security Fixes

  • Add brute-force protection for one-time password (#14682)
  • Harden OS password anti‑brute force on terminal windows and headless Linux (#14985)
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track rustdesk/rustdesk

Get notified when new releases ship.

Sign up free

About rustdesk/rustdesk

All releases →

Related context

Beta — feedback welcome: [email protected]