CVE-2026-31883
- EPSS 0.32%
- Veröffentlicht 13.03.2026 17:35:17
- Zuletzt bearbeitet 17.03.2026 14:26:13
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a size_t underflow in the IMA-ADPCM and MS-ADPCM audio decoders leads to heap-buffer-overflow write via the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADP...
CVE-2026-29776
- EPSS 0.18%
- Veröffentlicht 13.03.2026 17:33:10
- Zuletzt bearbeitet 17.03.2026 14:33:19
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, Integer Underflow in update_read_cache_bitmap_order Function of FreeRDP's Core Library This vulnerability is fixed in 3.24.0.
CVE-2026-29775
- EPSS 0.31%
- Veröffentlicht 13.03.2026 17:28:39
- Zuletzt bearbeitet 17.03.2026 14:43:17
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmap_cache_put. A malicious server can s...
CVE-2026-29774
- EPSS 0.32%
- Veröffentlicht 13.03.2026 17:26:58
- Zuletzt bearbeitet 17.03.2026 14:51:38
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metabloc...
CVE-2026-27951
- EPSS 0.35%
- Veröffentlicht 25.02.2026 21:07:30
- Zuletzt bearbeitet 27.02.2026 19:09:27
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function `Stream_EnsureCapacity` can create an endless blocking loop. This may affect all client and server implementations using `FreeRDP`. For practical e...
CVE-2026-27950
- EPSS 0.43%
- Veröffentlicht 25.02.2026 21:05:23
- Zuletzt bearbeitet 27.02.2026 19:10:21
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the SDL2...
CVE-2026-26986
- EPSS 0.48%
- Veröffentlicht 25.02.2026 21:01:16
- Zuletzt bearbeitet 27.02.2026 19:11:09
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `rail_window_free` dereferences a freed `xfAppWindow` pointer during `HashTable_Free` cleanup because `xf_rail_window_common` calls `free(appWindow)` on title a...
CVE-2026-26965
- EPSS 0.59%
- Veröffentlicht 25.02.2026 20:59:17
- Zuletzt bearbeitet 30.06.2026 03:17:52
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, `planar_decompress_plane_rle()` writes into `pDstData` at `((nYDst+y) * nDstStep) + (4*nXDst) + nChannel` without verifying that ...
CVE-2026-26955
- EPSS 0.54%
- Veröffentlicht 25.02.2026 20:47:14
- Zuletzt bearbeitet 30.06.2026 03:17:51
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline (e.g., `xfreerdp`) by sending an RDPGFX ClearCodec s...
CVE-2026-27015
- EPSS 0.26%
- Veröffentlicht 25.02.2026 20:44:14
- Zuletzt bearbeitet 27.02.2026 14:48:24
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a missing bounds check in `smartcard_unpack_read_size_align()` (`libfreerdp/utils/smartcard_pack.c:1703`) allows a malicious RDP server to crash the FreeRDP cli...