CVE-2026-24676— FreeRDP has a heap-use-after-free in audio_format_compatible

EPSS 0.02% · P6 Updated Feb 11, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-24676

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

FreeRDP has a heap-use-after-free in audio_format_compatible

Source: NVD (National Vulnerability Database)

Vulnerability Description

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, AUDIN format renegotiation frees the active format list while the capture thread continues using audin->format, leading to a use after free in audio_format_compatible. This vulnerability is fixed in 3.22.0.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

释放后使用

Source: NVD (National Vulnerability Database)

Vulnerability Title

FreeRDP 资源管理错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

FreeRDP是FreeRDP团队的一款开源的远程桌面协议（RDP）的实现。 FreeRDP 3.22.0之前版本存在资源管理错误漏洞，该漏洞源于AUDIN格式重新协商释放活动格式列表而捕获线程继续使用audin->format，可能导致释放后重用。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
FreeRDP	FreeRDP	< 3.22.0	-

II. Public POCs for CVE-2026-24676

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-24676

请登录查看更多情报信息。

https://nvd.nist.gov/vuln/detail/CVE-2026-24676

Same Patch Batch · FreeRDP · 2026-02-09 · 12 CVEs total

CVE-2026-24675		FreeRDP has a Heap-use-after-free in urb_select_interface
CVE-2026-24679		FreeRDP has a heap-buffer-overflow in urb_select_interface
CVE-2026-24677		FreeRDP has a heap-buffer-overflow in ecam_encoder_compress_h264
CVE-2026-24491		FreeRDP has a heap-use-after-free in video_timer
CVE-2026-24684		FreeRDP has a Heap-use-after-free in play_thread
CVE-2026-24681		FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb
CVE-2026-24678		FreeRDP has a Heap-use-after-free in cam_v4l_stream_capture_thread
CVE-2026-24682		FreeRDP has a Heap-buffer-overflow in audio_formats_free
CVE-2026-24683		FreeRDP has a heap-use-after-free in ainput_send_input_event
CVE-2026-24680		FreeRDP has a heap-use-after-free in update_pointer_new(SDL)
CVE-2026-23948		FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()

IV. Related Vulnerabilities

Same product: FreeRDP

Same vendor: FreeRDP

Same weakness: CWE-416

V. Comments for CVE-2026-24676

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-24676— FreeRDP has a heap-use-after-free in audio_format_compatible

I. Basic Information for CVE-2026-24676

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-24676

III. Intelligence Information for CVE-2026-24676

Same Patch Batch · FreeRDP · 2026-02-09 · 12 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-24676

Leave a comment