logo

Database

Use of software with malware In exploration

Description

exploration was removed from crates.io for malicious code A method within the exploration crate attempted to download and execute a payload from a remote site.

The malicious crate had 1 version published on 2026-06-02, approximately 1 hour before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io.

Thanks to Kirill Boychenko from the Socket Threat Research Team for reporting this crate.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version

Aliases

1. OSV-RUSTSEC-2026-01552. GCVE-RUSTSEC-2026-01553. rustsec.org

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.