Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

FreeRDP — Vulnerabilities & Security Advisories 142

Browse all 142 CVE security advisories affecting FreeRDP. AI-powered Chinese analysis, POCs, and references for each vulnerability.

FreeRDP is an open-source Remote Desktop Protocol client and server implementation designed to facilitate cross-platform remote desktop connectivity. Its widespread adoption in enterprise and personal environments has made it a frequent target for security researchers, resulting in a significant number of recorded Common Vulnerabilities and Exposures. Historically, the codebase has been susceptible to critical remote code execution flaws, often stemming from improper input validation within the RDP protocol parsing logic. These vulnerabilities frequently allow attackers to execute arbitrary commands or escalate privileges on affected systems without user interaction. While the project maintains an active development cycle to patch these issues, the sheer volume of past incidents highlights the complexity of implementing secure network protocols. Continuous monitoring and timely updates remain essential for mitigating risks associated with its extensive feature set and legacy code dependencies.

Top products by FreeRDP: FreeRDP
CVE IDTitleCVSSSeverityPublished
CVE-2026-25952 FreeRDP has heap-use-after-free in xf_SetWindowMinMaxInfo — FreeRDPCWE-416 9.1AICriticalAI2026-02-25
CVE-2026-25942 FreeRDP has global-buffer-overflow in xf_rail_server_execute_result — FreeRDPCWE-125 8.2AIHighAI2026-02-25
CVE-2026-25941 FreeRDP: vuln_1_15_1 RDPGFX WIRE_TO_SURFACE_2 Out-of-Bounds Read — FreeRDPCWE-20 4.3 Medium2026-02-25
CVE-2026-24684 FreeRDP has a Heap-use-after-free in play_thread — FreeRDPCWE-416 9.8AICriticalAI2026-02-09
CVE-2026-24683 FreeRDP has a heap-use-after-free in ainput_send_input_event — FreeRDPCWE-416 9.8AICriticalAI2026-02-09
CVE-2026-24682 FreeRDP has a Heap-buffer-overflow in audio_formats_free — FreeRDPCWE-122 9.1AICriticalAI2026-02-09
CVE-2026-24681 FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb — FreeRDPCWE-416 8.8AIHighAI2026-02-09
CVE-2026-24680 FreeRDP has a heap-use-after-free in update_pointer_new(SDL) — FreeRDPCWE-416 9.1AICriticalAI2026-02-09
CVE-2026-24679 FreeRDP has a heap-buffer-overflow in urb_select_interface — FreeRDPCWE-122 9.1AICriticalAI2026-02-09
CVE-2026-24678 FreeRDP has a Heap-use-after-free in cam_v4l_stream_capture_thread — FreeRDPCWE-416 8.8 -2026-02-09
CVE-2026-24677 FreeRDP has a heap-buffer-overflow in ecam_encoder_compress_h264 — FreeRDPCWE-416 9.1AICriticalAI2026-02-09
CVE-2026-24676 FreeRDP has a heap-use-after-free in audio_format_compatible — FreeRDPCWE-416 9.8AICriticalAI2026-02-09
CVE-2026-24675 FreeRDP has a Heap-use-after-free in urb_select_interface — FreeRDPCWE-416 9.8AICriticalAI2026-02-09
CVE-2026-24491 FreeRDP has a heap-use-after-free in video_timer — FreeRDPCWE-416 8.3AIHighAI2026-02-09
CVE-2026-23948 FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() — FreeRDPCWE-476 7.5AIHighAI2026-02-09
CVE-2026-23884 Heap-use-after-free in gdi_set_bounds — FreeRDPCWE-416 9.8 -2026-01-19
CVE-2026-23883 Heap-use-after-free in update_pointer_new — FreeRDPCWE-416 9.8 -2026-01-19
CVE-2026-23732 FreeRDP has heap-buffer-overflow in Glyph_Alloc — FreeRDPCWE-122 7.5 -2026-01-19
CVE-2026-23534 FreeRDP has heap-buffer-overflow in clear_decompress_bands_data — FreeRDPCWE-122 9.8 -2026-01-19
CVE-2026-23533 FreeRDP has heap-buffer-overflow in clear_decompress_residual_data — FreeRDPCWE-122 9.8 -2026-01-19
CVE-2026-23532 FreeRDP has heap-buffer-overflow in gdi_SurfaceToSurface — FreeRDPCWE-122 9.8 -2026-01-19
CVE-2026-23531 FreeRDP has heap-buffer-overflow in clear_decompress — FreeRDPCWE-122 9.8 -2026-01-19
CVE-2026-23530 FreeRDP has heap-buffer-overflow in planar_decompress_plane_rle — FreeRDPCWE-122 9.8 -2026-01-19
CVE-2026-22859 FreeRDP has a heap-buffer-overflow in urb_select_configuration — FreeRDPCWE-125 9.1 -2026-01-14
CVE-2026-22858 FreeRDP has a global-buffer-overflow in crypto_base64_decode — FreeRDPCWE-125 9.1 -2026-01-14
CVE-2026-22857 FreeRDP has a heap-use-after-free in irp_thread_func — FreeRDPCWE-416 9.8 -2026-01-14
CVE-2026-22856 FreeRDP has a heap-use-after-free in create_irp_thread — FreeRDPCWE-362 7.5 -2026-01-14
CVE-2026-22855 FreeRDP has a heap-buffer-overflow in smartcard_unpack_set_attrib_call — FreeRDPCWE-125 9.1 -2026-01-14
CVE-2026-22854 FreeRDP has a heap-buffer-overflow in drive_process_irp_read — FreeRDPCWE-122 9.8 -2026-01-14
CVE-2026-22853 FreeRDP has a heap-buffer-overflow in ndr_read_uint8Array — FreeRDPCWE-787 9.8 -2026-01-14

This page lists every published CVE security advisory associated with FreeRDP. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.