FreeRDP — Vulnerabilities & Security Advisories (142)

Browse all 142 CVE security advisories affecting FreeRDP. AI-powered Chinese analysis, POCs, and references for each vulnerability.

FreeRDP is an open-source Remote Desktop Protocol client and server implementation designed to facilitate cross-platform remote desktop connectivity. Its widespread adoption in enterprise and personal environments has made it a frequent target for security researchers, resulting in a significant number of recorded Common Vulnerabilities and Exposures. Historically, the codebase has been susceptible to critical remote code execution flaws, often stemming from improper input validation within the RDP protocol parsing logic. These vulnerabilities frequently allow attackers to execute arbitrary commands or escalate privileges on affected systems without user interaction. While the project maintains an active development cycle to patch these issues, the sheer volume of past incidents highlights the complexity of implementing secure network protocols. Continuous monitoring and timely updates remain essential for mitigating risks associated with its extensive feature set and legacy code dependencies.

Low · 2026-04-24
contains_dotdot() off-by-one allows drive channel path traversal via terminal .. · Advisory · FreeRDP/FreeRDP · GitHub
High · 2026-04-02
Persistent Cache Allocator Mismatch - Heap OOB Read · Advisory · FreeRDP/FreeRDP · GitHub
Medium · 2026-04-02
[cache,persistent] update PERSISTENT_CACHE_ENTRY::size after realloc · FreeRDP/FreeRDP@1a890eb · GitHub
Unknown · 2026-04-02
[codec,clear] update CLEAR_VBAR_ENTRY::size after alloc · FreeRDP/FreeRDP@dc7fdb1 · GitHub
High · 2026-04-02
[core,gateway] Check rpcconn_common_hdr_t::auth_length is valid · FreeRDP/FreeRDP@4ac0b64 · GitHub
High · CVE-2023-23863 · 2026-04-02
Progressive Codec Quant BYTE Underflow - UB + CPU DoS · Advisory · FreeRDP/FreeRDP · GitHub
High · CVE-2020-33944 · 2026-04-02
ClearCodec resize_vbar_entry() Heap OOB Write · Advisory · FreeRDP/FreeRDP · GitHub
Medium · 2026-04-02
DoS via WINPR_ASSERT in rts_read_auth_verifier_no_checks (rts.c:282) · Advisory · FreeRDP/FreeRDP · GitHub
Medium · 2026-04-02
DoS via WINPR_ASSERT in IMA ADPCM audio decoder (dsp.c:331) · Advisory · FreeRDP/FreeRDP · GitHub
High · CVE-2023-37887 · 2026-04-02
Persistent Cache bmpSize Desync - Heap OOB Write · Advisory · FreeRDP/FreeRDP · GitHub
Unknown · 2026-04-02
double free in kerberos_AcceptSecurityContext and kerberos_IntitalizeSecurityContextA · Advisory · FreeRDP/FreeRDP · Git
Critical · 2026-04-02
ClearCodec Glyph Cache Count Desync - Heap OOB Read · Advisory · FreeRDP/FreeRDP · GitHub
High · CVE-2020-13986 · 2026-04-02
H.264 YUV Buffer Dimension Desync - Heap OOB Write · Advisory · FreeRDP/FreeRDP · GitHub
High · 2026-02-26
[codec,clear] fix destination checks · FreeRDP/FreeRDP@7d8fdce · GitHub
Medium · CVE-2026-25997 · 2026-02-26
Heap-use-after-free in xf_clipboard_format_equal · Advisory · FreeRDP/FreeRDP · GitHub
Medium · CVE-2026-25955 · 2026-02-26
Heap-use-after-free in xf_AppUpdateWindowFromSurface (stale XImage) · Advisory · FreeRDP/FreeRDP · GitHub
Medium · CVE-2026-25953 · 2026-02-26
Heap-use-after-free in xf_AppUpdateWindowFromSurface (freed appWindow) · Advisory · FreeRDP/FreeRDP · GitHub
Medium · CVE-2026-27015 · 2026-02-26
Smartcard NDR Alignment Padding Triggers Reachable WINPR_ASSERT Abort (Client DoS) · Advisory · FreeRDP/FreeRDP · GitHub
Medium · CVE-2026-25952 · 2026-02-26
Heap-use-after-free in xf_SetWindowMinMaxInfo · Advisory · FreeRDP/FreeRDP · GitHub
Medium · 2026-02-26
vuln_1_15_1 RDPGFX WIRE_TO_SURFACE_2 Out-of-Bounds Read · Advisory · FreeRDP/FreeRDP · GitHub

Showing up to 20 recent security advisories.

This page lists every published CVE security advisory associated with FreeRDP. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.