rust · Rust BlogCritical
Rust 1.96.0 release: new Range* types, assert_matches!, WebAssembly breaking change, Cargo security fixes
Rust 1.96.0 introduces new Range* types, assert_matches! macros, and changes WebAssembly target behavior (no longer passes --allow-undefined). Two Cargo vulnera
What changed
Rust 1.96.0 introduces new Range* types, assert_matches! macros, and changes WebAssembly target behavior (no longer passes --allow-undefined). Two Cargo vulnerabilities are fixed: CVE-2026-5223 (medium) and CVE-2026-5222 (low).
Who it affects
All Rust users, especially those using WebAssembly targets (breaking change) or third-party registries (vulnerability fixes).
What to do today
Update to Rust 1.96.0 via `rustup update stable` and review WebAssembly builds for undefined symbols.
The trail
Collected→
Audited→
Written→
Published
Source
RSS · Rust Blog