CVE-2026-23948
- EPSS 0.47%
- Veröffentlicht 09.02.2026 18:12:00
- Zuletzt bearbeitet 10.02.2026 15:09:11
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PD...
CVE-2026-23884
- EPSS 0.4%
- Veröffentlicht 19.01.2026 17:20:40
- Zuletzt bearbeitet 30.06.2026 03:17:35
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves `gdi->drawing` pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a clien...
CVE-2026-23883
- EPSS 0.4%
- Veröffentlicht 19.01.2026 17:15:55
- Zuletzt bearbeitet 30.06.2026 03:17:34
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, `xf_Pointer_New` frees `cursorPixels` on failure, then `pointer_free` calls `xf_Pointer_Free` and frees it again, triggering ASan UAF. A malicious server can tr...
CVE-2026-23732
- EPSS 0.48%
- Veröffentlicht 19.01.2026 17:12:57
- Zuletzt bearbeitet 28.01.2026 18:38:37
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, FastGlyph parsing trusts `cbData`/remaining length and never validates against the minimum size implied by `cx/cy`. A malicious server can trigger a client‑side...
CVE-2026-23534
- EPSS 0.43%
- Veröffentlicht 19.01.2026 17:09:55
- Zuletzt bearbeitet 30.06.2026 03:17:32
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface...
CVE-2026-23533
- EPSS 0.43%
- Veröffentlicht 19.01.2026 17:07:18
- Zuletzt bearbeitet 30.06.2026 03:17:32
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the RDPGFX ClearCodec decode path when maliciously crafted residual data causes out-of-bounds writes during color o...
CVE-2026-23532
- EPSS 0.43%
- Veröffentlicht 19.01.2026 17:03:51
- Zuletzt bearbeitet 30.06.2026 03:17:32
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the FreeRDP client’s `gdi_SurfaceToSurface` path due to a mismatch between destination rectangle clamping and the ...
CVE-2026-23531
- EPSS 0.44%
- Veröffentlicht 19.01.2026 17:01:01
- Zuletzt bearbeitet 30.06.2026 03:17:32
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when `glyphData` is present, `clear_decompress` calls `freerdp_image_copy_no_overlap` without validating the destination rectangle, allowing an o...
CVE-2026-23530
- EPSS 0.44%
- Veröffentlicht 19.01.2026 16:58:46
- Zuletzt bearbeitet 30.06.2026 03:17:31
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,`freerdp_bitmap_decompress_planar` does not validate `nSrcWidth`/`nSrcHeight` against `planar->maxWidth`/`maxHeight` before RLE decode. A malicious server can tr...
CVE-2026-22859
- EPSS 0.76%
- Veröffentlicht 14.01.2026 17:57:37
- Zuletzt bearbeitet 30.06.2026 03:17:29
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in libusb_udev_complete_msconfig_setup,...